European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate.
{
"source": "CPE_RANGE",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "2.3.1"
}
],
"cpe": "cpe:2.3:a:europa:eidas-node_integration_package:*:*:*:*:*:*:*:*"
}