Security Overview · node-saml/xml-crypto · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

XML signature verification bypass due improper verification of signature / signature spoofing
GHSA-2xp3-57p7-qf4v published May 1, 2024 by cjbarth

Critical
HMAC-SHA1 signatures can bypass validation via key confusion
GHSA-c27r-x354-4m68 published Oct 26, 2020 by yaronn

High

Learn more about advisories related to node-saml/xml-crypto in the GitHub Advisory Database