View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-11427 severity critical: SUSE including 17 source package names (python-python3-saml, python3-defusedxml-0.6.0-1.5.1, …), 20 product×package rows across 8 product lines (SUSE Enterprise Storage 6, SUSE Linux Enterprise Module for Basesystem 15 SP2, … (8 product lines)): Fixed 18, Known Not Affected 2.
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.