XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python-pysaml2-doc": "3.0.0-3ubuntu1.16.04.1", "python3-pysaml2": "3.0.0-3ubuntu1.16.04.1", "python-pysaml2": "3.0.0-3ubuntu1.16.04.1" } ] }