exploitDog

GHSA-g7vg-v5mg-xqvv

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate.

European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate.

Ссылки

EPSS

Процентиль: 41%

0.00196

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2019-18632

CVSS3: 9.8

nvd

больше 6 лет назад

European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate.

EPSS

Процентиль: 41%

0.00196

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-295