Lucene search
K

6 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in xmltooling

Shibboleth XMLTooling before version 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allowed SSRF through a specially crafted KeyInfo element. This issue has been fixed, for example, in Shibboleth Service Provider 3.4.1.3 on Windows...

7.5CVSS7.7AI score0.03055EPSS
Exploits3References1
OSV
OSV
added 2023/06/25 10:15 p.m.7 views

UBUNTU-CVE-2023-36661

Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows...

7.5CVSS5.8AI score0.03055EPSS
Exploits3References5
OSV
OSV
added 2019/04/11 8:29 p.m.1 views

DEBIAN-CVE-2019-9628

The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected...

7.5CVSS7AI score0.02052EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/14 12:0 a.m.6 views

Shibboleth OpenSAML-C and Shibboleth Service Provider XMLTooling-C Numeric Error Vulnerabilities

Shibboleth OpenSAML-C and Shibboleth Service Provider SP are both products of Shibboleth, a British company. OpenSAML-C is an open source library for implementing SAML Security Assertion Markup Language written in C. Shibboleth is an open source web single sign-on system based on the SAML protoco...

5CVSS6.8AI score0.02444EPSS
Exploits0References1
OSV
OSV
added 2015/08/12 2:59 p.m.2 views

DEBIAN-CVE-2015-0851

XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider SP, does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of service crash via schema-invalid XML data...

5CVSS6.9AI score0.02444EPSS
Exploits0References1
OSV
OSV
added 2015/08/12 2:59 p.m.2 views

UBUNTU-CVE-2015-0851

XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider SP, does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of service crash via schema-invalid XML data...

5CVSS7.1AI score0.02444EPSS
Exploits0References4
Rows per page
Query Builder