5 matches found
[SECURITY] [DLA 4161-1] simplesamlphp security update
Debian LTS Advisory DLA-4161-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost May 09, 2025 https://wiki.debian.org/LTS Package : simplesamlphp Version : 1.19.0-1+deb11u2 CVE ID : CVE-2025-27773 Debian Bug : 1100595 A vulnerability has been discovered in SimpleSAMLph...
Debian dla-4161 : simplesamlphp - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4161 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4161-1 [email protected] https://www.debian.org/lts/security/...
CVE-2025-27773
creationtimestamp| type| source ---|---|--- 2025-03-11 19:48:53+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114145527842239250 2025-03-11 20:21:09+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7223 2025-03-11 20:46:20+00:00| seen|...
CVE-2025-27773 SimpleSAMLphp SAML2 library has incorrect signature verification for HTTP-Redirect binding
The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the application to...
CVE-2025-27773 SimpleSAMLphp SAML2 library has incorrect signature verification for HTTP-Redirect binding
The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the application to...