Duo Security Information for VU#475445
Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal
- Vendor Information Help Date Notified:
- Statement Date: 19 Dec 2017
- Date Updated: 28 Feb 2018
No statement is currently available from the vendor regarding this vulnerability.
Duo Network Gateway (DNG) is affected and assigned CVE-2018-7340.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.