Lucene search

K
githubGitHub Advisory DatabaseGHSA-G48F-PGWH-WWXX
HistoryMay 17, 2024 - 11:06 p.m.

onelogin/php-saml signature wrapping attacks

2024-05-1723:06:55
GitHub Advisory Database
github.com
7
onelogin
php-saml
vulnerability
signature wrapping
attacks
unauthorized access
system
software

6.3 Medium

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

Vulnerability in onelogin/php-saml versions prior to 2.10.0 allows signature Wrapping attacks which may result in a malicious user gaining unauthorized access to a system.

Affected configurations

Vulners
Node
oneloginonelogin_saml_ssoRange<2.10.0
CPENameOperatorVersion
onelogin/php-samllt2.10.0

6.3 Medium

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

Related for GHSA-G48F-PGWH-WWXX