Lucene search
Ubuntu.comUB:CVE-2017-12874HistorySep 01, 2017 - 12:00 a.m.
CVE-2017-12874
2017-09-0100:00:00
ubuntu.com
ubuntu.com
8
0.002 Low
EPSS
Percentile
60.8%
The InfoCard module 1.0 for SimpleSAMLphp allows attackers to spoof XML
messages by leveraging an incorrect check of return values in signature
validation utilities.
Notes
| Author | Note |
|---|---|
| sbeattie | according to debian, issue lies in simplesamlphp/simplesamlphp-module-infocard and fixed in module version 1.0.1. The module is embedded in simplesamlphp. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 16.04 | noarch | simplesamlphp | < any | UNKNOWN |
Related
osv
osv
CVE-2017-12874
2017-09-01 21:29:00
SimpleSAMLphp InfoCard module Incorrect signature verification
2022-05-14 01:05:32
simplesamlphp - security update
2017-12-12 00:00:00
github
github
SimpleSAMLphp InfoCard module Incorrect signature verification
2022-05-14 01:05:32
prion
prion
Input validation
2017-09-01 21:29:00
cvelist
cvelist
CVE-2017-12874
2017-09-01 21:00:00
veracode
veracode
Authentication Bypass
2017-08-21 14:07:13
friendsofphp
friendsofphp
Incorrect signature verification
2016-12-03 12:16:03
cve
cve
CVE-2017-12874
2017-09-01 21:29:00
debiancve
debiancve
CVE-2017-12874
2017-09-01 21:29:00
openvas
openvas
Debian: Security Advisory (DLA-1205-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-4127-1)
2018-03-01 00:00:00
nessus
nessus
Debian DLA-1205-1 : simplesamlphp security update
2017-12-13 00:00:00
Debian DSA-4127-1 : simplesamlphp - security update
2018-03-05 00:00:00
debian
debian
[SECURITY] [DLA 1205-1] simplesamlphp security update
2017-12-12 10:13:42
[SECURITY] [DSA 4127-1] simplesamlphp security update
2018-03-02 06:16:19
[SECURITY] [DSA 4127-1] simplesamlphp security update
2018-03-02 06:15:39