Public CVE-2017-1000432 disclosure

pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.

Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.

Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.