SUSE SLES15 Security Update : opensaml (SUSE-SU-2025:01500-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01500-1 advisory. - CVE-2025-31335: Fixed a bug where parameter manipulation allows the forging of signed SAML messages. bsc1239889 Tenable has extracted the...

K000151066: OpenSAML vulnerability CVE-2025-31335

Security Advisory Description The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures. CVE-2025-31335 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

CVE-2025-31335

CVE-2025-31335 affects the OpenSAML C++ library prior to 3.3.1, where parameter manipulation can forge signed SAML messages for bindings that rely on non-XML signatures. The issue is confirmed in multiple feeds referencing OpenSAML

Exploit for CVE-2024-32962

Poc-CVE-2024-32962-xml-crypto A simulation of an atta...

[SECURITY] [DSA 5879-1] opensaml security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5879-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 16, 2025 https://www.debian.org/security/faq -...

FreeBSD : shibboleth-sp -- Parameter manipulation allows the forging of signed SAML messages (0b43fac4-005d-11f0-a540-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0b43fac4-005d-11f0-a540-6cc21735f730 advisory. The Shibboleth Project reports: An updated version of the OpenSAML C++ library is available which...