2 matches found
CVE-2018-7711
CVE-2018-7711 affects the SimpleSAMLphp saml2 library, specifically HTTPRedirect.php in versions prior to 1.15.4. The root cause is an incorrect check of return values in the signature validation utilities, caused by a dependency on PHP behavior that interprets a -1 error code as true. This lets ...
CVE-2018-6519
The vulnerability CVE-2018-6519 affects SimpleSAMLphp’s SAML2 library: Regular Expression Denial of Service for fraction-of-seconds in timestamps. Affected versions are SimpleSAMLphp SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1. Impact is partial availability (DoS) via netw...