Search for packages
| purl | pkg:composer/simplesamlphp/saml2@2.0.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6c55-4pyx-ckbx
Aliases: CVE-2025-27773 GHSA-46r4-f8gj-xg56 |
The SimpleSAMLphp SAML2 library incorrectly verifies signatures for HTTP-Redirect binding There's a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the application to accept an unsigned message. I believe that it exists for v4 only. I have not yet developed a PoC. V5 is well designed and instead builds the signed query from the same message that will be consumed. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-8b8r-g7e2-qfb2
Aliases: CVE-2024-52806 GHSA-pxm4-r5ph-q2m2 |
SimpleSAMLphp SAML2 has an XXE in parsing SAML messages Summary When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE. |
Affected by 1 other vulnerability. |
|
VCID-ma9b-k5br-ffhd
Aliases: CVE-2024-52596 GHSA-2x65-fpch-2fcm |
SimpleSAMLphp xml-common XXE vulnerability When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE. |
Affected by 1 other vulnerability. |
|
VCID-ucwf-xdma-h7fc
Aliases: CVE-2018-6519 GHSA-hhm8-2j4g-mpgg |
Injection Vulnerability The SAML2 library in `SimpleSAMLphp` has a Regular Expression Denial of Service vulnerability for fraction-of-seconds data in a timestamp. |
Affected by 6 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-v3bx-f3um-8ubc
Aliases: CVE-2023-41890 GHSA-fv2h-753j-9g39 |
Authentication Bypass by Alternate Name Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity provider to craft a Saml2 response that is processed as if issued by another identity provider. It is also possible for a malicious end user to cause stored state intended for one identity provider to be used when processing the response from another provider. An application is impacted if they rely on any of these features in their authentication/authorization logic: the issuer of the generated identity and claims; or items in the stored request state (AuthenticationProperties). This issue is patched in versions 2.9.2 and 1.0.3. The `AcsCommandResultCreated` notification can be used to add the validation required if an upgrade to patched packages is not possible. |
Affected by 6 other vulnerabilities. |
|
VCID-wbt9-snjj-uuea
Aliases: CVE-2018-7644 GHSA-923w-2xv2-7pr8 |
Improper signature validation The `XmlSecLibs` library as used in the saml2 library in SimpleSAMLphp incorrectly verifies signatures on SAML assertions, allowing a remote attacker to construct a crafted SAML assertion on behalf of an Identity Provider that would pass as cryptographically valid, thereby allowing them to impersonate a user from that Identity Provider, aka a key confusion issue. |
Affected by 5 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-xx6m-pvgs-puga
Aliases: CVE-2018-7711 GHSA-g888-g2pp-82hf |
Incorrect signature validation An incorrect check of return values in the signature validation utilities allows an attacker to get invalid signatures accepted as valid by forcing an error during validation. |
Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-zemd-kbb3-s3cr
Aliases: CVE-2016-9814 GHSA-r8v4-7vwj-983x |
Incorrect signature verification An incorrect check of return values in the signature validation utilities allows an attacker to get invalid signatures accepted as valid by forcing an error during validation. |
Affected by 7 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||