pkg:Debian/simplesamlphp

All known vulnerabilities

• CRITICAL9.8CVE-2017-12868simplesamlphp - security update
  from 0, < 1.13.1-2+deb8u2
• CRITICAL9.8CVE-2017-12868simplesamlphp - security update
  from 0, < 1.14.15-1
• CRITICAL9.8CVE-2018-6521SimpleSAMLphp Use of insecure connection charset (sqlauth module)
  from 0, < 1.15.2-1
• CRITICAL9.8CVE-2017-12873Incorrect persistent NameID generation in SimpleSAMLphp
  from 0, < 1.14.11-1
• CRITICAL9.1CVE-2016-9814simplesamlphp - security update
  from 0, < 1.9.2-1+deb7u3
• CRITICAL9.1CVE-2016-9814simplesamlphp - security update
  from 0, < 1.14.10-1
• HIGH8.8CVE-2019-3465simplesamlphp - security update
  from 0, < 1.17.6-2
• HIGH8.8CVE-2019-3465simplesamlphp - security update
  from 0, < 1.13.1-2+deb8u3
• HIGH8.8CVE-2019-3465simplesamlphp - security update
  from 0, < 1.14.11-1+deb9u2
• HIGH8.6CVE-2025-27773simplesamlphp - security update
  from 0, < 1.19.0-1+deb11u2
• HIGH8.6CVE-2025-27773simplesamlphp - security update
  from 0, < 1.19.0-1+deb11u2
• HIGH8.3CVE-2024-52806SimpleSAMLphp SAML2 has an XXE in parsing SAML messages
  from 0, < 1.19.0-1+deb11u1
• HIGH8.1CVE-2018-7711simplesamlphp - security update
  from 0, < 1.15.4-1
• HIGH8.1CVE-2018-7711simplesamlphp - security update
  from 0, < 1.9.2-1+deb7u4
• HIGH8.1CVE-2017-18122SimpleSAMLphp Signature validation bypass
  from 0, < 1.15.0-1
• HIGH7.5CVE-2018-6519SimpleSAMLphp SAML2 library Regular Expression Denial of Service vulnerability
  from 0, < 1.15.2-1
• HIGH7.5CVE-2017-12874SimpleSAMLphp InfoCard module Incorrect signature verification
  from 0, < 1.14.11-1
• HIGH7.5CVE-2017-12869SimpleSAMLphp Authentication context bypass in the multiauth module
  from 0, < 1.14.15-1
• HIGH7.5CVE-2018-7644SimpleSAMLphp Improper Verification of Cryptographic Signature
  from 0, < 1.15.3-1
• HIGH7.5CVE-2011-4625simplesamlphp - several
  from 0, < 1.8.1-1
• HIGH7.5CVE-2011-4625simplesamlphp - several
  from 0, < 1.6.3-2
• MEDIUM6.3CVE-2016-9955Incorrect signature verification in SimpleSAMLphp
  from 0, < 1.14.11-1
• MEDIUM6.1CVE-2018-6520SimpleSAMLphp Open redirection protection bypass
  from 0, < 1.15.2-1
• MEDIUM6.1CVE-2017-18121simplesamlphp - security update
  from 0, < 1.15.0-1
• MEDIUM6.1CVE-2017-18121simplesamlphp - security update
  from 0, < 1.9.2-1+deb7u2
• MEDIUM5.9CVE-2017-12870SimpleSAMLphp Unauthenticated encryption in CBC mode
  from 0, < 1.14.15-1
• MEDIUM5.9CVE-2017-12871SimpleSAMLphp Incorrect IV generation for encryption
  from 0, < 1.14.15-1
• MEDIUM5.9CVE-2017-12872SimpleSAMLphp allows timing side-channel attacks
  from 0, < 1.14.15-1
• MEDIUM5.9CVE-2017-12867simplesamlphp - security update
  from 0, < 1.14.15-1
• MEDIUM5.9CVE-2017-12867simplesamlphp - security update
  from 0, < 1.9.2-1+deb7u1
• MEDIUM5.9CVE-2017-12867simplesamlphp - security update
  from 0, < 1.13.1-2+deb8u1
• MEDIUM5.3CVE-2016-3124SimpleSAMLphp Information leakage issue in the sanitycheck module
  from 0, < 1.14.1-1
• MEDIUM4.4CVE-2020-5226Cross-site scripting in SimpleSAMLphp
  from 0, < 1.18.4-1
• MEDIUM4.4CVE-2020-5225Log injection in SimpleSAMLphp
  from 0, < 1.18.4-1
• —CVE-2024-52596simplesamlphp - security update
  from 0, < 1.19.0-1+deb11u1
• —CVE-2024-52596simplesamlphp - security update
  from 0, < 1.19.0-1+deb11u1
• —CVE-2024-52596simplesamlphp - security update
  from 0, < 1.19.7-1+deb12u1
• —CVE-2012-0908Cross-site scripting (XSS) vulnerability in logout.php in SimpleSAMLphp 1.8.1 and possibly other versions before 1.8.2 allows remote attack…
  from 0, < 1.8.2-1
• —CVE-2012-0040simplesamlphp - cross site scripting
  from 0, < 1.8.2-1
• —CVE-2012-0040simplesamlphp - cross site scripting
  from 0, < 1.6.3-3