CVE-2019-18632

European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt