Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked. NOTE: only 2.1 is confirmed to be affected.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
European Commission eIDAS-Node Integration Package 信任管理问题漏洞
Vulnerability Description
European Commission eIDAS-Node Integration Package是欧盟委员会(European Commission)的一款电子身份证eIDAS配置文件的样本实现。 European Commission eIDAS-Node Integration Package 2.3.1之前版本中存在安全漏洞,该漏洞源于程序没有检查ExplicitKeyTrustEvaluator的返回值。攻击者可利用该漏洞使用任意凭证签名SAML响应。
CVSS Information
N/A
Vulnerability Type
N/A