K000151066: OpenSAML vulnerability CVE-2025-31335

Security Advisory Description The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures. CVE-2025-31335 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

Shibboleth < 3.5.0.1 Forged Messages

The version of Shibboleth Service Provider installed on the remote is prior to 3.5.0.1. It is, therefore, affected by a vulnerability. The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

SUSE CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

CVE-2025-31335

A flaw was found in the OpenSAML C++ library. This vulnerability allows forging signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the...

CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

DEBIAN-CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

OpenSAML 安全漏洞

OpenSAML is a set of open source C++ and Java libraries from OpenSAML Open Source designed to support developers using the Security Assertion Markup Language SAML. A security vulnerability exists in OpenSAML versions prior to 3.3.1 that stems from a parameter manipulation that could lead to a...

CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

CVE-2025-31335

CVE-2025-31335 affects the OpenSAML C++ library prior to 3.3.1, where parameter manipulation can forge signed SAML messages for bindings that rely on non-XML signatures. The issue is confirmed in multiple feeds referencing OpenSAML

Debian: Security Advisory (DLA-4093-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

Debian dla-4093 : libsaml-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4093 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4093-1 [email protected] https://www.debian.org/lts/security/...

CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

[SECURITY] [DLA 4093-1] opensaml security update

Debian LTS Advisory DLA-4093-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson March 27, 2025 https://wiki.debian.org/LTS Package : opensaml Version : 3.2.0-2+deb11u1 CVE ID : TEMP-1100464-F28DDC Debian Bug : 1100464 Alexander Tan discovered that the OpenSAML C...

DLA-4093-1 opensaml - security update

Bulletin has no description...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : OpenSAML vulnerability (USN-7364-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7364-1 advisory. Alexander Tan discovered that the OpenSAML C++ library was susceptible to forging of signed SAML messages...

Ubuntu: Security Advisory (USN-7364-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7364-1: OpenSAML vulnerability

Alexander Tan discovered that the OpenSAML C++ library was susceptible to forging of signed SAML messages. An attacker could possibly use this issue to gain unauthorized access to a system and manipulate sensitive information...

USN-7364-1 opensaml vulnerability

Alexander Tan discovered that the OpenSAML C++ library was susceptible to forging of signed SAML messages. An attacker could possibly use this issue to gain unauthorized access to a system and manipulate sensitive information...