VDB
DEBIAN-CVE-2017-1000246
DEBIAN-CVE-2017-1000246
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
Risk Scores
CVSS v3.0
5.300000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | python-pysaml2 | 0, 0, 0 |
| Debian:11 | python-pysaml2 | 0, 0, 0 |
| Debian:12 | python-pysaml2 | 0, 0, 0 |
| Debian:13 | python-pysaml2 | 0, 0, 0 |
Timeline
- Nov 17, 2017 CVE Published
- Apr 28, 2026 CVE Updated