reports/GO-2020-0047.yaml - vulndb - Git at Google

 module: github.com/RobotsAndPencils/go-saml
 description: |
   XML Digital Signatures generated and validated using this package use
   SHA-1, as such an attacker may be able to craft input which cause
   hash collisions.
 published: 2021-04-14T12:00:00Z
 symbols:
 - AuthnRequest.Validate
 - NewAuthnRequest
 - NewSignedResponse
 links:
   context:
   - https://github.com/RobotsAndPencils/go-saml/pull/38
	module: github.com/RobotsAndPencils/go-saml
	description: \|
	XML Digital Signatures generated and validated using this package use
	SHA-1, as such an attacker may be able to craft input which cause
	hash collisions.
	published: 2021-04-14T12:00:00Z
	symbols:
	- AuthnRequest.Validate
	- NewAuthnRequest
	- NewSignedResponse
	links:
	context:
	- https://github.com/RobotsAndPencils/go-saml/pull/38