pkg:Debian/simplesamlphp

All known vulnerabilities

• CRITICAL9.8CVE-2017-12868simplesamlphp - security update
  from 0, < 1.13.1-2+deb8u2
• CRITICAL9.8CVE-2017-12868simplesamlphp - security update
  from 0, < 1.14.15-1
• CRITICAL9.8CVE-2018-6521SimpleSAMLphp Use of insecure connection charset (sqlauth module)
  from 0, < 1.15.2-1
• CRITICAL9.8Incorrect persistent NameID generation in SimpleSAMLphp
  from 0, < 1.14.11-1
• CRITICAL9.1simplesamlphp - security update
  from 0, < 1.9.2-1+deb7u3
• CRITICAL9.1simplesamlphp - security update
  from 0, < 1.14.10-1
• HIGH8.8simplesamlphp - security update
  from 0, < 1.17.6-2
• HIGH8.8simplesamlphp - security update
  from 0, < 1.13.1-2+deb8u3
• HIGH8.8simplesamlphp - security update
  from 0, < 1.14.11-1+deb9u2
• HIGH8.6simplesamlphp - security update
  from 0, < 1.19.0-1+deb11u2
• HIGH8.6simplesamlphp - security update
  from 0, < 1.19.0-1+deb11u2
• HIGH8.3SimpleSAMLphp SAML2 has an XXE in parsing SAML messages
  from 0, < 1.19.0-1+deb11u1
• HIGH8.1simplesamlphp - security update
  from 0, < 1.15.4-1
• HIGH8.1simplesamlphp - security update
  from 0, < 1.9.2-1+deb7u4
• HIGH8.1SimpleSAMLphp Signature validation bypass
  from 0, < 1.15.0-1
• HIGH7.5SimpleSAMLphp SAML2 library Regular Expression Denial of Service vulnerability
  from 0, < 1.15.2-1
• HIGH7.5SimpleSAMLphp InfoCard module Incorrect signature verification
  from 0, < 1.14.11-1
• HIGH7.5SimpleSAMLphp Authentication context bypass in the multiauth module
  from 0, < 1.14.15-1
• HIGH7.5SimpleSAMLphp Improper Verification of Cryptographic Signature
  from 0, < 1.15.3-1
• HIGH7.5simplesamlphp - several
  from 0, < 1.8.1-1
• HIGH7.5simplesamlphp - several
  from 0, < 1.6.3-2
• MEDIUM6.3Incorrect signature verification in SimpleSAMLphp
  from 0, < 1.14.11-1
• MEDIUM6.1SimpleSAMLphp Open redirection protection bypass
  from 0, < 1.15.2-1
• MEDIUM6.1simplesamlphp - security update
  from 0, < 1.15.0-1
• MEDIUM6.1simplesamlphp - security update
  from 0, < 1.9.2-1+deb7u2
• MEDIUM5.9SimpleSAMLphp Unauthenticated encryption in CBC mode
  from 0, < 1.14.15-1
• MEDIUM5.9SimpleSAMLphp Incorrect IV generation for encryption
  from 0, < 1.14.15-1
• MEDIUM5.9SimpleSAMLphp allows timing side-channel attacks
  from 0, < 1.14.15-1
• MEDIUM5.9simplesamlphp - security update
  from 0, < 1.14.15-1
• MEDIUM5.9simplesamlphp - security update
  from 0, < 1.9.2-1+deb7u1
• MEDIUM5.9simplesamlphp - security update
  from 0, < 1.13.1-2+deb8u1
• MEDIUM5.3SimpleSAMLphp Information leakage issue in the sanitycheck module
  from 0, < 1.14.1-1
• MEDIUM4.4Cross-site scripting in SimpleSAMLphp
  from 0, < 1.18.4-1
• MEDIUM4.4Log injection in SimpleSAMLphp
  from 0, < 1.18.4-1
• —simplesamlphp - security update
  from 0, < 1.19.0-1+deb11u1
• —simplesamlphp - security update
  from 0, < 1.19.0-1+deb11u1
• —simplesamlphp - security update
  from 0, < 1.19.7-1+deb12u1
• —Cross-site scripting (XSS) vulnerability in logout.php in SimpleSAMLphp 1.8.1 and possibly other versions before 1.8.2 allows remote attack…
  from 0, < 1.8.2-1
• —simplesamlphp - cross site scripting
  from 0, < 1.8.2-1
• —simplesamlphp - cross site scripting
  from 0, < 1.6.3-3