Linux Distros Unpatched Vulnerability : CVE-2017-18122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any...

Binary vulnerability exists in Vim (CNVD-2023-18122)

Vim is a cross-platform text editor that is vulnerable to a binary vulnerability that could be exploited by attackers to execute arbitrary code...

Debian DSA-4127-1 : simplesamlphp - security update

Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. - CVE-2017-12867 Attackers with access to a secret token could extend its validity period by manipulating the prepended time offset. - CVE-2017-12869 When using the...

[SECURITY] [DSA 4127-1] simplesamlphp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4127-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst March 02, 2018 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-4127-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1273-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1273-1] simplesamlphp security update

Package : simplesamlphp Version : 1.9.2-1+deb7u2 CVE ID : CVE-2017-18121 CVE-2017-18122 CVE-2018-6521 Debian Bug : 889286 simplesamlphp, an authentication and federation application has been found vulnerable to Cross Site Scripting XSS, signature validation byepass and using insecure connection...

Debian DLA-1273-1 : simplesamlphp security update

simplesamlphp, an authentication and federation application has been found vulnerable to Cross Site Scripting XSS, signature validation byepass and using insecure connection charset. CVE-2017-18121 A Cross Site Scripting XSS issue has been found in the consentAdmin module of SimpleSAMLphp through...

CVE-2017-18122

A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the assertions is valid...

CVE-2017-18122

A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the assertions is valid...

CVE-2017-18122

CVE-2017-18122 describes a signature-validation bypass in SimpleSAMLphp (up to 1.14.16) where a Service Provider using SAML 1.1 would treat as valid an unsigned SAML response that contains more than one signed assertion, as long as at least one signature is valid. This can let an attacker imperso...

CVE-2018-18122

...

CVE-2018-18122

CVE-2018-18122 is rejected/not used per the Initial Description.