CVE-2024-52806

SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an untrusted XML document, for example the SAMLResponse, it's possible to induce an XXE. This vulnerability is fixed in 4.6.14 and 5.0.0-alpha.18...

CVE-2024-52806 SimpleSAMLphp SAML2 has an XXE in parsing SAML messages

SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an untrusted XML document, for example the SAMLResponse, it's possible to induce an XXE. This vulnerability is fixed in 4.6.14 and 5.0.0-alpha.18...

CVE-2024-52806

SimpleSAMLphp SAML2 library is affected by an XXE when loading an untrusted XML document (e.g., SAMLResponse). The issue is tied to parsing XML in the library, and the vulnerability is fixed in versions 4.6.14 and 5.0.0-alpha.18. Affected component: SimpleSAMLphp SAML2; root cause: XXE during XML...

CVE-2024-52806

SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an untrusted XML document, for example the SAMLResponse, it's possible to induce an XXE. This vulnerability is fixed in 4.6.14 and 5.0.0-alpha.18...

PT-2024-35456 · Unknown · Simplesamlphp Saml2 Library

Name of the Vulnerable Software and Affected Versions: SimpleSAMLphp SAML2 library versions prior to 4.6.14 SimpleSAMLphp SAML2 library versions prior to 5.0.0-alpha.18 Description: The SimpleSAMLphp SAML2 library is vulnerable to an XML External Entity XXE attack when loading untrusted XML...