Simplesamlphp Saml2

6 CVEs affecting Simplesamlphp Saml2. Latest disclosed: 2025-03-11. Critical: 1, High: 4.

Top CVEs affecting Simplesamlphp Saml2
CVESeverityScorePublishedSummary
CVE-2016-9814Critical9.12017-02-17The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2…
CVE-2025-27773High8.62025-03-11The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion a…
CVE-2024-52806High8.32024-12-02SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an (untrusted) XML document, for example the SAMLResponse, it's poss…
CVE-2018-7711High8.12018-03-05HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an…
CVE-2018-6519High7.52018-02-02The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for fraction-…
CVE-2023-49087Medium6.82023-11-30xml-security is a library that implements XML signatures and encryption. Validation of an XML signature requires verification that the hash value of the relate…