CVE-2020-36563

Published December 28th, 2022

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input.

RobotsAndPencils/go-saml

A just good enough SAML client library written in Go.

GitHub

133