58 matches found
EUVD-2010-2459
Malware in sbrugna...
Debian: Security Advisory (DLA-4300-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-9943
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...
Debian: Security Advisory (DSA-5994-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-36661
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows...
Information disclosure
DISPUTED Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt...
SUSE SLES15 Security Update : shibboleth-sp (SUSE-SU-2021:3244-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:3244-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C...
openSUSE 15 Security Update : shibboleth-sp (openSUSE-SU-2021:3244-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3244-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C...
SUSE: Security Advisory (SUSE-SU-2021:3244-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for shibboleth-sp (openSUSE-SU-2021:3244-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for shibboleth-sp (low)
openSUSE Security Update: Security update for shibboleth-sp Announcement ID: openSUSE-SU-2021:3244-1 Rating: low References: 1184222 Affected Products: openSUSE Leap 15.3 An update that contains security fixes can now be installed. Description: This update for shibboleth-sp fixes the following...
SUSE: Security Advisory (SUSE-SU-2019:3386-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-4905-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4905-1 : shibboleth-sp - security update
It was discovered that the Shibboleth Service Provider is prone to a NULL pointer dereference flaw in the cookie-based session recovery feature. A remote, unauthenticated attacker can take advantage of this flaw to cause a denial of service crash in the shibd daemon/service. For additional...
[SECURITY] [DSA 4905-1] shibboleth-sp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4905-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 27, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4905-1] shibboleth-sp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4905-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 27, 2021 https://www.debian.org/security/faq -...
DSA-4905-1 shibboleth-sp - security update
Bulletin has no description...
SUSE: Security Advisory (SUSE-SU-2020:0115-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:3215-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-4872-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...