CVE-2011-4625

simplesamlphp before 1.6.3 squeeze and before 1.8.2 sid incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages...

CVE-2011-4625

simplesamlphp before 1.6.3 squeeze and before 1.8.2 sid incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages...

Code injection

simplesamlphp before 1.6.3 squeeze and before 1.8.2 sid incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages...

CVE-2011-4625

simplesamlphp before 1.6.3 squeeze and before 1.8.2 sid incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages...

CVE-2011-4625

The CVE-2011-4625 entry concerns simplesamlphp and its XML encryption handling. In affected versions (before 1.6.3 for squeeze and before 1.8.2 for sid), the software allegedly mishandles XML encryption, which could allow remote attackers to decrypt or forge messages. The connected documents conf...

CVE-2011-4625

simplesamlphp before 1.6.3 squeeze and before 1.8.2 sid incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages...

[SECURITY] [DLA 1983-1] simplesamlphp security update

Package : simplesamlphp Version : 1.13.1-2+deb8u3 CVE ID : CVE-2019-3465 Debian Bug : 944107 It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, it was possible to circumvent XML signature verification on SAML messages. For Debian 8 "Jessie", this problem has been...

[SECURITY] [DSA 4560-1] simplesamlphp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4560-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst November 06, 2019 https://www.debian.org/security/faq -...

DLA-1983-1 simplesamlphp - security update

Bulletin has no description...

DSA-4560-1 simplesamlphp - security update

Bulletin has no description...

proxystatistics module for SimpleSAMLphp SQL Injection Vulnerability

proxystatistics module for SimpleSAMLphp is a module for SimpleSAMLphp that supports displaying proxy IdP/SP statistics. A SQL injection vulnerability exists in the lib/Auth/Process/DatabaseCommand.php file in the proxystatistics module prior to version 3.1.0 for SimpleSAMLphp, which can be...

SQL Injection

cesnet/simplesamlphp-module-proxystatistics is vulnerable to SQL injection. The vulnerability exists as the statements in lib/Auth/Process/DatabaseCommand.php is not parameterized...

CVE-2019-15537

The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php...

CVE-2019-15537

The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php...

Sql injection

The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php...

CVE-2019-15537

The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php...

CVE-2019-15537

The CVE-2019-15537 entry concerns the proxystatistics module for SimpleSAMLphp, affected when using versions prior to 3.1.0. The underlying issue, as described across connected sources, is an SQL injection vulnerability in lib/Auth/Process/DatabaseCommand.php due to non-parameterized statements. ...

Fedora 28 : php-simplesamlphp-saml2 (2018-85cb15befd)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

Fedora 28 : php-simplesamlphp-saml2_1 (2018-0ee228da17)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

Fedora 28 : php-simplesamlphp-saml2_3 (2018-8cda2309d6)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...