Python package pysaml2 version 4.4.0 and previous versions reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pysaml2 project pysaml2 |