CVE-2021-27736 Blast Radius

MEDIUM • CVSS 6.5FusionAuth fusionauth-samlv2 before 0.5.4 allows XXE attacks via a forged AuthnRequest or LogoutRequest because parseFromBytes uses javax.xml.parsers.

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2021-27736.

Start Free Scan →← Back to CVE-2021-27736