4 matches found
EUVD-2025-201790
xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...
CVE-2019-3465
Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message...
CVE-2019-3465
Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message...
CVE-2019-3465
CVE-2019-3465 affects Rob Richards XmlSecLibs (all versions before 3.0.3) used by SimpleSAMLphp, where XML signature validation is incorrect. An authenticated attacker can impersonate others or elevate privileges via crafted XML messages. The issue is mitigated by upgrading XmlSecLibs to v3.0.3 o...