CVE-2017-12874

CVE-2017-12874 affects the SimpleSAMLphp InfoCard module (version 1.0) and is caused by an incorrect check of return values in signature validation utilities, enabling spoofing of XML messages. The issue is documented in multiple security advisories (e.g., Debian DSA-4127-1) and is listed among a...