Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    43 vulnerabilities by Shibboleth

    CVE-2025-9943 (GCVE-0-2025-9943)

    Vulnerability from nvd – Published: 2025-09-10 06:45 – Updated: 2025-11-04 22:06
    VLAI
    Title
    Unauthenticated SQL Injection Vulnerability in Shibboleth Service Provider
    Summary
    An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database, if the database connection is configured to use the ODBC plugin. The vulnerability arises from insufficient escaping of single quotes in the class SQLString (file odbc-store.cpp, lines 253-271). This issue affects Shibboleth Service Provider through 3.5.0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Shibboleth Service Provider Affected: 0 , ≤ 3.5.0 (semver)
    Create a notification for this product.
    Credits
    Florian Stuhlmann, SEC Consult Vulnerability Lab
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 9.1,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9943",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-10T19:37:58.283716Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-10T19:38:24.007Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T22:06:49.754Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00015.html"
              },
              {
                "url": "http://seclists.org/fulldisclosure/2025/Sep/40"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "ODBC interface"
              ],
              "product": "Service Provider",
              "vendor": "Shibboleth",
              "versions": [
                {
                  "lessThanOrEqual": "3.5.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Florian Stuhlmann, SEC Consult Vulnerability Lab"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An SQL injection vulnerability has been identified in the \"ID\" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database, if the database connection is configured to use the ODBC plugin.\u0026nbsp;The vulnerability arises from insufficient escaping of single quotes in the class SQLString (file odbc-store.cpp, lines 253-271).\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Shibboleth Service Provider through 3.5.0.\u003c/p\u003e"
                }
              ],
              "value": "An SQL injection vulnerability has been identified in the \"ID\" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database, if the database connection is configured to use the ODBC plugin.\u00a0The vulnerability arises from insufficient escaping of single quotes in the class SQLString (file odbc-store.cpp, lines 253-271).\n\nThis issue affects Shibboleth Service Provider through 3.5.0."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-66",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-66 SQL Injection"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-10T06:45:50.883Z",
            "orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
            "shortName": "SEC-VLab"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20250903.txt"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://r.sec-consult.com/shibboleth"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://shibboleth.net/downloads/service-provider/3.5.1/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to Shibboleth Service Provider 3.5.1 or higher. The vendor provides an updated version here:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://shibboleth.net/downloads/service-provider/3.5.1/\"\u003ehttps://shibboleth.net/downloads/service-provider/3.5.1/\u003c/a\u003e\u0026nbsp;"
                }
              ],
              "value": "Update to Shibboleth Service Provider 3.5.1 or higher. The vendor provides an updated version here:\u00a0 https://shibboleth.net/downloads/service-provider/3.5.1/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated SQL Injection Vulnerability in Shibboleth Service Provider",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use any other non-ODBC StorageService for the ReplayCache.\u003cbr\u003e"
                }
              ],
              "value": "Use any other non-ODBC StorageService for the ReplayCache."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
        "assignerShortName": "SEC-VLab",
        "cveId": "CVE-2025-9943",
        "datePublished": "2025-09-10T06:45:50.883Z",
        "dateReserved": "2025-09-03T12:56:22.575Z",
        "dateUpdated": "2025-11-04T22:06:49.754Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-31335 (GCVE-0-2025-31335)

    Vulnerability from nvd – Published: 2025-03-28 00:00 – Updated: 2025-03-28 14:31
    VLAI
    Summary
    The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    Impacted products
    Vendor Product Version
    Shibboleth OpenSAML C++ library Affected: 0 , < 3.3.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-31335",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-28T14:30:51.735024Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-28T14:31:11.464Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "OpenSAML C++ library",
              "vendor": "Shibboleth",
              "versions": [
                {
                  "lessThan": "3.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347 Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-28T05:25:12.442Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://shibboleth.net/community/advisories/secadv_20250313.txt"
            },
            {
              "url": "https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=22a610b322e2178abd03e97cdbc8fb50b45efaee"
            },
            {
              "url": "https://shibboleth.atlassian.net/browse/CPPOST-126"
            },
            {
              "url": "https://lists.debian.org/debian-security-announce/2025/msg00041.html"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-31335",
        "datePublished": "2025-03-28T00:00:00.000Z",
        "dateReserved": "2025-03-28T00:00:00.000Z",
        "dateUpdated": "2025-03-28T14:31:11.464Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36661 (GCVE-0-2023-36661)

    Vulnerability from nvd – Published: 2023-06-25 00:00 – Updated: 2025-05-05 15:56
    VLAI
    Summary
    Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:54.047Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-5432",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5432"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20230612.txt"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36661",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:26:26.548306Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T15:56:49.910Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-27T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-5432",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2023/dsa-5432"
            },
            {
              "url": "https://shibboleth.net/community/advisories/secadv_20230612.txt"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-36661",
        "datePublished": "2023-06-25T00:00:00.000Z",
        "dateReserved": "2023-06-25T00:00:00.000Z",
        "dateUpdated": "2025-05-05T15:56:49.910Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-22947 (GCVE-0-2023-22947)

    Vulnerability from nvd – Published: 2023-01-11 00:00 – Updated: 2025-04-07 18:39 Disputed
    VLAI
    Summary
    Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake."
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:20:31.400Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://shibboleth.atlassian.net/browse/SSPCPP-961"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335545/Install+on+Windows#Restricting-ACLs"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.3,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22947",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-07T17:50:41.633316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-427",
                    "description": "CWE-427 Uncontrolled Search Path Element",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-07T18:39:34.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable\u0027s folder. This occurs because the installation goes under C:\\opt (rather than C:\\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that \"We consider the ACLs a best effort thing\" and \"it was a documentation mistake.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-11T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://shibboleth.atlassian.net/browse/SSPCPP-961"
            },
            {
              "url": "https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335545/Install+on+Windows#Restricting-ACLs"
            }
          ],
          "tags": [
            "disputed"
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-22947",
        "datePublished": "2023-01-11T00:00:00.000Z",
        "dateReserved": "2023-01-11T00:00:00.000Z",
        "dateUpdated": "2025-04-07T18:39:34.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24129 (GCVE-0-2022-24129)

    Vulnerability from nvd – Published: 2022-02-04 19:20 – Updated: 2024-08-03 03:59
    VLAI
    Summary
    The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.788Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://shibboleth.net/community/advisories/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://shibboleth.net/community/advisories/secadv_20220131.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:20:46.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://shibboleth.net/community/advisories/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://shibboleth.net/community/advisories/secadv_20220131.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-24129",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://shibboleth.net/community/advisories/",
                  "refsource": "MISC",
                  "url": "http://shibboleth.net/community/advisories/"
                },
                {
                  "name": "http://shibboleth.net/community/advisories/secadv_20220131.txt",
                  "refsource": "CONFIRM",
                  "url": "http://shibboleth.net/community/advisories/secadv_20220131.txt"
                },
                {
                  "name": "https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF",
                  "refsource": "MISC",
                  "url": "https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-24129",
        "datePublished": "2022-02-04T19:20:46.000Z",
        "dateReserved": "2022-01-30T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:59:23.788Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-31826 (GCVE-0-2021-31826)

    Vulnerability from nvd – Published: 2021-04-27 03:33 – Updated: 2024-08-03 23:10
    VLAI
    Summary
    Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:10:30.613Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20210426.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-927"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=5a47c3b9378f4c49392dd4d15189b70956f9f2ec"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/987608"
              },
              {
                "name": "DSA-4905",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2021/dsa-4905"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-28T04:06:12.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20210426.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-927"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=5a47c3b9378f4c49392dd4d15189b70956f9f2ec"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/987608"
            },
            {
              "name": "DSA-4905",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2021/dsa-4905"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-31826",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20210426.txt",
                  "refsource": "MISC",
                  "url": "https://shibboleth.net/community/advisories/secadv_20210426.txt"
                },
                {
                  "name": "https://issues.shibboleth.net/jira/browse/SSPCPP-927",
                  "refsource": "MISC",
                  "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-927"
                },
                {
                  "name": "https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=5a47c3b9378f4c49392dd4d15189b70956f9f2ec",
                  "refsource": "MISC",
                  "url": "https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=5a47c3b9378f4c49392dd4d15189b70956f9f2ec"
                },
                {
                  "name": "https://bugs.debian.org/987608",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/987608"
                },
                {
                  "name": "DSA-4905",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2021/dsa-4905"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-31826",
        "datePublished": "2021-04-27T03:33:47.000Z",
        "dateReserved": "2021-04-27T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:10:30.613Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-28963 (GCVE-0-2021-28963)

    Vulnerability from nvd – Published: 2021-03-22 07:02 – Updated: 2024-08-03 21:55
    VLAI
    Summary
    Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T21:55:12.374Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/985405"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20210317.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-922"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=d1dbebfadc1bdb824fea63843c4c38fa69e54379"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2021/dsa-4872"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-03-22T07:02:05.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/985405"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20210317.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-922"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=d1dbebfadc1bdb824fea63843c4c38fa69e54379"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.debian.org/security/2021/dsa-4872"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-28963",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugs.debian.org/985405",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/985405"
                },
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20210317.txt",
                  "refsource": "MISC",
                  "url": "https://shibboleth.net/community/advisories/secadv_20210317.txt"
                },
                {
                  "name": "https://issues.shibboleth.net/jira/browse/SSPCPP-922",
                  "refsource": "MISC",
                  "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-922"
                },
                {
                  "name": "https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=d1dbebfadc1bdb824fea63843c4c38fa69e54379",
                  "refsource": "MISC",
                  "url": "https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=d1dbebfadc1bdb824fea63843c4c38fa69e54379"
                },
                {
                  "name": "https://www.debian.org/security/2021/dsa-4872",
                  "refsource": "MISC",
                  "url": "https://www.debian.org/security/2021/dsa-4872"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-28963",
        "datePublished": "2021-03-22T07:02:05.000Z",
        "dateReserved": "2021-03-22T00:00:00.000Z",
        "dateUpdated": "2024-08-03T21:55:12.374Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-27978 (GCVE-0-2020-27978)

    Vulnerability from nvd – Published: 2020-10-28 14:43 – Updated: 2024-08-04 16:25
    VLAI
    Summary
    Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:25:44.145Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20191002.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-28T14:43:54.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20191002.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-27978",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20191002.txt",
                  "refsource": "MISC",
                  "url": "https://shibboleth.net/community/advisories/secadv_20191002.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-27978",
        "datePublished": "2020-10-28T14:43:54.000Z",
        "dateReserved": "2020-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:25:44.145Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-19191 (GCVE-0-2019-19191)

    Vulnerability from nvd – Published: 2019-11-21 17:06 – Updated: 2024-08-05 02:09
    VLAI
    Summary
    Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:09:39.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-874"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157471"
              },
              {
                "name": "openSUSE-SU-2020:0020",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00017.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-14T00:06:16.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-874"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157471"
            },
            {
              "name": "openSUSE-SU-2020:0020",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00017.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-19191",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://issues.shibboleth.net/jira/browse/SSPCPP-874",
                  "refsource": "MISC",
                  "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-874"
                },
                {
                  "name": "https://bugzilla.suse.com/show_bug.cgi?id=1157471",
                  "refsource": "MISC",
                  "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157471"
                },
                {
                  "name": "openSUSE-SU-2020:0020",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00017.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-19191",
        "datePublished": "2019-11-21T17:06:45.000Z",
        "dateReserved": "2019-11-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:09:39.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2450 (GCVE-0-2010-2450)

    Vulnerability from nvd – Published: 2019-11-07 20:06 – Updated: 2024-08-07 02:32
    VLAI
    Summary
    The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:32:16.662Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2010-2450"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://todos.internet2.edu/browse/SSPCPP-106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-07T20:06:05.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2010-2450"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://todos.internet2.edu/browse/SSPCPP-106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-2450",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-tracker.debian.org/tracker/CVE-2010-2450",
                  "refsource": "MISC",
                  "url": "https://security-tracker.debian.org/tracker/CVE-2010-2450"
                },
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631"
                },
                {
                  "name": "https://todos.internet2.edu/browse/SSPCPP-106",
                  "refsource": "CONFIRM",
                  "url": "https://todos.internet2.edu/browse/SSPCPP-106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-2450",
        "datePublished": "2019-11-07T20:06:05.000Z",
        "dateReserved": "2010-06-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:32:16.662Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3603 (GCVE-0-2014-3603)

    Vulnerability from nvd – Published: 2019-04-04 13:38 – Updated: 2024-08-06 10:50
    VLAI
    Summary
    The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
    Severity
    No CVSS data available.
    CWE
    • Other
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/60816 third-party-advisoryx_refsource_SECUNIA
    https://bugzilla.redhat.com/show_bug.cgi?id=1131823 x_refsource_CONFIRM
    http://shibboleth.net/community/advisories/secadv… x_refsource_CONFIRM
    Date Public
    2014-08-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:50:17.020Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "60816",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/60816"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://shibboleth.net/community/advisories/secadv_20140813.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Provider (IdP)",
              "vendor": "Shibboleth; OpenSAML Java",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.4.1"
                }
              ]
            },
            {
              "product": "OpenSAML Java",
              "vendor": "Shibboleth; OpenSAML Java",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.6.2"
                }
              ]
            }
          ],
          "datePublic": "2014-08-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Other",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-04T13:38:16.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "60816",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/60816"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://shibboleth.net/community/advisories/secadv_20140813.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2014-3603",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Provider (IdP)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 2.4.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "OpenSAML Java",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 2.6.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Shibboleth; OpenSAML Java"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Other"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "60816",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/60816"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823"
                },
                {
                  "name": "http://shibboleth.net/community/advisories/secadv_20140813.txt",
                  "refsource": "CONFIRM",
                  "url": "http://shibboleth.net/community/advisories/secadv_20140813.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2014-3603",
        "datePublished": "2019-04-04T13:38:16.000Z",
        "dateReserved": "2014-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:50:17.020Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0489 (GCVE-0-2018-0489)

    Vulnerability from nvd – Published: 2018-02-27 15:00 – Updated: 2024-08-05 03:28
    VLAI
    Summary
    Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486.
    Severity
    No CVSS data available.
    CWE
    • obtain sensitive information or conduct impersonation attacks
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Shibboleth XMLTooling-C before 1.6.4 Affected: Shibboleth XMLTooling-C before 1.6.4
    Date Public
    2018-02-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:28:11.071Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040435",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040435"
              },
              {
                "name": "103172",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103172"
              },
              {
                "name": "DSA-4126",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4126"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20180227.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt"
              },
              {
                "name": "[debian-lts-announce] 20180228 [SECURITY] [DLA 1296-1] xmltooling security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00031.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Shibboleth XMLTooling-C before 1.6.4",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Shibboleth XMLTooling-C before 1.6.4"
                }
              ]
            }
          ],
          "datePublic": "2018-02-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "obtain sensitive information or conduct impersonation attacks",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T09:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "1040435",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040435"
            },
            {
              "name": "103172",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103172"
            },
            {
              "name": "DSA-4126",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4126"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20180227.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt"
            },
            {
              "name": "[debian-lts-announce] 20180228 [SECURITY] [DLA 1296-1] xmltooling security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00031.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2018-0489",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Shibboleth XMLTooling-C before 1.6.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Shibboleth XMLTooling-C before 1.6.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "obtain sensitive information or conduct impersonation attacks"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040435",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040435"
                },
                {
                  "name": "103172",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103172"
                },
                {
                  "name": "DSA-4126",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4126"
                },
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20180227.txt",
                  "refsource": "CONFIRM",
                  "url": "https://shibboleth.net/community/advisories/secadv_20180227.txt"
                },
                {
                  "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt"
                },
                {
                  "name": "[debian-lts-announce] 20180228 [SECURITY] [DLA 1296-1] xmltooling security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00031.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2018-0489",
        "datePublished": "2018-02-27T15:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:28:11.071Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0486 (GCVE-0-2018-0486)

    Vulnerability from nvd – Published: 2018-01-13 18:00 – Updated: 2024-08-05 03:28
    VLAI
    Summary
    Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD.
    Severity
    No CVSS data available.
    CWE
    • mishandles digital signatures
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a XMLTooling-C before 1.6.3 Affected: XMLTooling-C before 1.6.3
    Date Public
    2018-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:28:11.047Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4085",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4085"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-security-announce/2018/msg00007.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20180112.txt"
              },
              {
                "name": "[debian-lts-announce] 20180114 [SECURITY] [DLA 1242-1] xmltooling security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00016.html"
              },
              {
                "name": "1040177",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040177"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "XMLTooling-C before 1.6.3",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "XMLTooling-C before 1.6.3"
                }
              ]
            }
          ],
          "datePublic": "2018-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "mishandles digital signatures",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-02T10:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "DSA-4085",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4085"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lists.debian.org/debian-security-announce/2018/msg00007.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20180112.txt"
            },
            {
              "name": "[debian-lts-announce] 20180114 [SECURITY] [DLA 1242-1] xmltooling security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00016.html"
            },
            {
              "name": "1040177",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040177"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2018-0486",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "XMLTooling-C before 1.6.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "XMLTooling-C before 1.6.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "mishandles digital signatures"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4085",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4085"
                },
                {
                  "name": "https://lists.debian.org/debian-security-announce/2018/msg00007.html",
                  "refsource": "MISC",
                  "url": "https://lists.debian.org/debian-security-announce/2018/msg00007.html"
                },
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20180112.txt",
                  "refsource": "MISC",
                  "url": "https://shibboleth.net/community/advisories/secadv_20180112.txt"
                },
                {
                  "name": "[debian-lts-announce] 20180114 [SECURITY] [DLA 1242-1] xmltooling security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00016.html"
                },
                {
                  "name": "1040177",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040177"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2018-0486",
        "datePublished": "2018-01-13T18:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:28:11.047Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-16853 (GCVE-0-2017-16853)

    Vulnerability from nvd – Published: 2017-11-16 17:00 – Updated: 2024-08-05 20:35
    VLAI
    Summary
    The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity periods, and other checks specific to deployments, aka CPPOST-105.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2017-11-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:35:21.236Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4039",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2017/dsa-4039"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/881856"
              },
              {
                "name": "101898",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/101898"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://git.shibboleth.net/view/?p=cpp-opensaml.git%3Ba=commit%3Bh=6182b0acf2df670e75423c2ed7afe6950ef11c9d"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20171115.txt"
              },
              {
                "name": "[debian-lts-announce] 20171118 [SECURITY] [DLA 1178-1] opensaml2 security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00024.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-11-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity periods, and other checks specific to deployments, aka CPPOST-105."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-02T10:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-4039",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2017/dsa-4039"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.debian.org/881856"
            },
            {
              "name": "101898",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/101898"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://git.shibboleth.net/view/?p=cpp-opensaml.git%3Ba=commit%3Bh=6182b0acf2df670e75423c2ed7afe6950ef11c9d"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20171115.txt"
            },
            {
              "name": "[debian-lts-announce] 20171118 [SECURITY] [DLA 1178-1] opensaml2 security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00024.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2017-16853",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity periods, and other checks specific to deployments, aka CPPOST-105."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4039",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2017/dsa-4039"
                },
                {
                  "name": "https://bugs.debian.org/881856",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.debian.org/881856"
                },
                {
                  "name": "101898",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/101898"
                },
                {
                  "name": "https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=6182b0acf2df670e75423c2ed7afe6950ef11c9d",
                  "refsource": "CONFIRM",
                  "url": "https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=6182b0acf2df670e75423c2ed7afe6950ef11c9d"
                },
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20171115.txt",
                  "refsource": "CONFIRM",
                  "url": "https://shibboleth.net/community/advisories/secadv_20171115.txt"
                },
                {
                  "name": "[debian-lts-announce] 20171118 [SECURITY] [DLA 1178-1] opensaml2 security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00024.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-16853",
        "datePublished": "2017-11-16T17:00:00.000Z",
        "dateReserved": "2017-11-16T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:35:21.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-9943 (GCVE-0-2025-9943)

    Vulnerability from cvelistv5 – Published: 2025-09-10 06:45 – Updated: 2025-11-04 22:06
    VLAI
    Title
    Unauthenticated SQL Injection Vulnerability in Shibboleth Service Provider
    Summary
    An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database, if the database connection is configured to use the ODBC plugin. The vulnerability arises from insufficient escaping of single quotes in the class SQLString (file odbc-store.cpp, lines 253-271). This issue affects Shibboleth Service Provider through 3.5.0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Shibboleth Service Provider Affected: 0 , ≤ 3.5.0 (semver)
    Create a notification for this product.
    Credits
    Florian Stuhlmann, SEC Consult Vulnerability Lab
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 9.1,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9943",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-10T19:37:58.283716Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-10T19:38:24.007Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T22:06:49.754Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00015.html"
              },
              {
                "url": "http://seclists.org/fulldisclosure/2025/Sep/40"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "ODBC interface"
              ],
              "product": "Service Provider",
              "vendor": "Shibboleth",
              "versions": [
                {
                  "lessThanOrEqual": "3.5.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Florian Stuhlmann, SEC Consult Vulnerability Lab"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An SQL injection vulnerability has been identified in the \"ID\" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database, if the database connection is configured to use the ODBC plugin.\u0026nbsp;The vulnerability arises from insufficient escaping of single quotes in the class SQLString (file odbc-store.cpp, lines 253-271).\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Shibboleth Service Provider through 3.5.0.\u003c/p\u003e"
                }
              ],
              "value": "An SQL injection vulnerability has been identified in the \"ID\" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database, if the database connection is configured to use the ODBC plugin.\u00a0The vulnerability arises from insufficient escaping of single quotes in the class SQLString (file odbc-store.cpp, lines 253-271).\n\nThis issue affects Shibboleth Service Provider through 3.5.0."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-66",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-66 SQL Injection"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-10T06:45:50.883Z",
            "orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
            "shortName": "SEC-VLab"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20250903.txt"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://r.sec-consult.com/shibboleth"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://shibboleth.net/downloads/service-provider/3.5.1/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to Shibboleth Service Provider 3.5.1 or higher. The vendor provides an updated version here:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://shibboleth.net/downloads/service-provider/3.5.1/\"\u003ehttps://shibboleth.net/downloads/service-provider/3.5.1/\u003c/a\u003e\u0026nbsp;"
                }
              ],
              "value": "Update to Shibboleth Service Provider 3.5.1 or higher. The vendor provides an updated version here:\u00a0 https://shibboleth.net/downloads/service-provider/3.5.1/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated SQL Injection Vulnerability in Shibboleth Service Provider",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use any other non-ODBC StorageService for the ReplayCache.\u003cbr\u003e"
                }
              ],
              "value": "Use any other non-ODBC StorageService for the ReplayCache."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
        "assignerShortName": "SEC-VLab",
        "cveId": "CVE-2025-9943",
        "datePublished": "2025-09-10T06:45:50.883Z",
        "dateReserved": "2025-09-03T12:56:22.575Z",
        "dateUpdated": "2025-11-04T22:06:49.754Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-31335 (GCVE-0-2025-31335)

    Vulnerability from cvelistv5 – Published: 2025-03-28 00:00 – Updated: 2025-03-28 14:31
    VLAI
    Summary
    The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    Impacted products
    Vendor Product Version
    Shibboleth OpenSAML C++ library Affected: 0 , < 3.3.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-31335",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-28T14:30:51.735024Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-28T14:31:11.464Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "OpenSAML C++ library",
              "vendor": "Shibboleth",
              "versions": [
                {
                  "lessThan": "3.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347 Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-28T05:25:12.442Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://shibboleth.net/community/advisories/secadv_20250313.txt"
            },
            {
              "url": "https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=22a610b322e2178abd03e97cdbc8fb50b45efaee"
            },
            {
              "url": "https://shibboleth.atlassian.net/browse/CPPOST-126"
            },
            {
              "url": "https://lists.debian.org/debian-security-announce/2025/msg00041.html"
            }
          ],
          "x_generator": {
            "engine": "enrichogram 0.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2025-31335",
        "datePublished": "2025-03-28T00:00:00.000Z",
        "dateReserved": "2025-03-28T00:00:00.000Z",
        "dateUpdated": "2025-03-28T14:31:11.464Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36661 (GCVE-0-2023-36661)

    Vulnerability from cvelistv5 – Published: 2023-06-25 00:00 – Updated: 2025-05-05 15:56
    VLAI
    Summary
    Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:54.047Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-5432",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5432"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20230612.txt"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36661",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:26:26.548306Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T15:56:49.910Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-27T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-5432",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2023/dsa-5432"
            },
            {
              "url": "https://shibboleth.net/community/advisories/secadv_20230612.txt"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-36661",
        "datePublished": "2023-06-25T00:00:00.000Z",
        "dateReserved": "2023-06-25T00:00:00.000Z",
        "dateUpdated": "2025-05-05T15:56:49.910Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-22947 (GCVE-0-2023-22947)

    Vulnerability from cvelistv5 – Published: 2023-01-11 00:00 – Updated: 2025-04-07 18:39 Disputed
    VLAI
    Summary
    Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake."
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:20:31.400Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://shibboleth.atlassian.net/browse/SSPCPP-961"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335545/Install+on+Windows#Restricting-ACLs"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.3,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22947",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-07T17:50:41.633316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-427",
                    "description": "CWE-427 Uncontrolled Search Path Element",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-07T18:39:34.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable\u0027s folder. This occurs because the installation goes under C:\\opt (rather than C:\\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that \"We consider the ACLs a best effort thing\" and \"it was a documentation mistake.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-11T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://shibboleth.atlassian.net/browse/SSPCPP-961"
            },
            {
              "url": "https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335545/Install+on+Windows#Restricting-ACLs"
            }
          ],
          "tags": [
            "disputed"
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-22947",
        "datePublished": "2023-01-11T00:00:00.000Z",
        "dateReserved": "2023-01-11T00:00:00.000Z",
        "dateUpdated": "2025-04-07T18:39:34.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24129 (GCVE-0-2022-24129)

    Vulnerability from cvelistv5 – Published: 2022-02-04 19:20 – Updated: 2024-08-03 03:59
    VLAI
    Summary
    The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.788Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://shibboleth.net/community/advisories/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://shibboleth.net/community/advisories/secadv_20220131.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T19:20:46.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://shibboleth.net/community/advisories/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://shibboleth.net/community/advisories/secadv_20220131.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-24129",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://shibboleth.net/community/advisories/",
                  "refsource": "MISC",
                  "url": "http://shibboleth.net/community/advisories/"
                },
                {
                  "name": "http://shibboleth.net/community/advisories/secadv_20220131.txt",
                  "refsource": "CONFIRM",
                  "url": "http://shibboleth.net/community/advisories/secadv_20220131.txt"
                },
                {
                  "name": "https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF",
                  "refsource": "MISC",
                  "url": "https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-24129",
        "datePublished": "2022-02-04T19:20:46.000Z",
        "dateReserved": "2022-01-30T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:59:23.788Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-31826 (GCVE-0-2021-31826)

    Vulnerability from cvelistv5 – Published: 2021-04-27 03:33 – Updated: 2024-08-03 23:10
    VLAI
    Summary
    Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:10:30.613Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20210426.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-927"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=5a47c3b9378f4c49392dd4d15189b70956f9f2ec"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/987608"
              },
              {
                "name": "DSA-4905",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2021/dsa-4905"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-28T04:06:12.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20210426.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-927"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=5a47c3b9378f4c49392dd4d15189b70956f9f2ec"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/987608"
            },
            {
              "name": "DSA-4905",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2021/dsa-4905"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-31826",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20210426.txt",
                  "refsource": "MISC",
                  "url": "https://shibboleth.net/community/advisories/secadv_20210426.txt"
                },
                {
                  "name": "https://issues.shibboleth.net/jira/browse/SSPCPP-927",
                  "refsource": "MISC",
                  "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-927"
                },
                {
                  "name": "https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=5a47c3b9378f4c49392dd4d15189b70956f9f2ec",
                  "refsource": "MISC",
                  "url": "https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=5a47c3b9378f4c49392dd4d15189b70956f9f2ec"
                },
                {
                  "name": "https://bugs.debian.org/987608",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/987608"
                },
                {
                  "name": "DSA-4905",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2021/dsa-4905"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-31826",
        "datePublished": "2021-04-27T03:33:47.000Z",
        "dateReserved": "2021-04-27T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:10:30.613Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-28963 (GCVE-0-2021-28963)

    Vulnerability from cvelistv5 – Published: 2021-03-22 07:02 – Updated: 2024-08-03 21:55
    VLAI
    Summary
    Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T21:55:12.374Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/985405"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20210317.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-922"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=d1dbebfadc1bdb824fea63843c4c38fa69e54379"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2021/dsa-4872"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-03-22T07:02:05.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/985405"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20210317.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-922"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=d1dbebfadc1bdb824fea63843c4c38fa69e54379"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.debian.org/security/2021/dsa-4872"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-28963",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugs.debian.org/985405",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/985405"
                },
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20210317.txt",
                  "refsource": "MISC",
                  "url": "https://shibboleth.net/community/advisories/secadv_20210317.txt"
                },
                {
                  "name": "https://issues.shibboleth.net/jira/browse/SSPCPP-922",
                  "refsource": "MISC",
                  "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-922"
                },
                {
                  "name": "https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=d1dbebfadc1bdb824fea63843c4c38fa69e54379",
                  "refsource": "MISC",
                  "url": "https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=d1dbebfadc1bdb824fea63843c4c38fa69e54379"
                },
                {
                  "name": "https://www.debian.org/security/2021/dsa-4872",
                  "refsource": "MISC",
                  "url": "https://www.debian.org/security/2021/dsa-4872"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-28963",
        "datePublished": "2021-03-22T07:02:05.000Z",
        "dateReserved": "2021-03-22T00:00:00.000Z",
        "dateUpdated": "2024-08-03T21:55:12.374Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-27978 (GCVE-0-2020-27978)

    Vulnerability from cvelistv5 – Published: 2020-10-28 14:43 – Updated: 2024-08-04 16:25
    VLAI
    Summary
    Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:25:44.145Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20191002.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-28T14:43:54.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20191002.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-27978",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20191002.txt",
                  "refsource": "MISC",
                  "url": "https://shibboleth.net/community/advisories/secadv_20191002.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-27978",
        "datePublished": "2020-10-28T14:43:54.000Z",
        "dateReserved": "2020-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:25:44.145Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-19191 (GCVE-0-2019-19191)

    Vulnerability from cvelistv5 – Published: 2019-11-21 17:06 – Updated: 2024-08-05 02:09
    VLAI
    Summary
    Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:09:39.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-874"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157471"
              },
              {
                "name": "openSUSE-SU-2020:0020",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00017.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-14T00:06:16.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-874"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157471"
            },
            {
              "name": "openSUSE-SU-2020:0020",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00017.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-19191",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://issues.shibboleth.net/jira/browse/SSPCPP-874",
                  "refsource": "MISC",
                  "url": "https://issues.shibboleth.net/jira/browse/SSPCPP-874"
                },
                {
                  "name": "https://bugzilla.suse.com/show_bug.cgi?id=1157471",
                  "refsource": "MISC",
                  "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157471"
                },
                {
                  "name": "openSUSE-SU-2020:0020",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00017.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-19191",
        "datePublished": "2019-11-21T17:06:45.000Z",
        "dateReserved": "2019-11-21T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:09:39.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2450 (GCVE-0-2010-2450)

    Vulnerability from cvelistv5 – Published: 2019-11-07 20:06 – Updated: 2024-08-07 02:32
    VLAI
    Summary
    The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:32:16.662Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2010-2450"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://todos.internet2.edu/browse/SSPCPP-106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-07T20:06:05.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2010-2450"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://todos.internet2.edu/browse/SSPCPP-106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-2450",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-tracker.debian.org/tracker/CVE-2010-2450",
                  "refsource": "MISC",
                  "url": "https://security-tracker.debian.org/tracker/CVE-2010-2450"
                },
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631"
                },
                {
                  "name": "https://todos.internet2.edu/browse/SSPCPP-106",
                  "refsource": "CONFIRM",
                  "url": "https://todos.internet2.edu/browse/SSPCPP-106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-2450",
        "datePublished": "2019-11-07T20:06:05.000Z",
        "dateReserved": "2010-06-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:32:16.662Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3603 (GCVE-0-2014-3603)

    Vulnerability from cvelistv5 – Published: 2019-04-04 13:38 – Updated: 2024-08-06 10:50
    VLAI
    Summary
    The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
    Severity
    No CVSS data available.
    CWE
    • Other
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/60816 third-party-advisoryx_refsource_SECUNIA
    https://bugzilla.redhat.com/show_bug.cgi?id=1131823 x_refsource_CONFIRM
    http://shibboleth.net/community/advisories/secadv… x_refsource_CONFIRM
    Date Public
    2014-08-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:50:17.020Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "60816",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/60816"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://shibboleth.net/community/advisories/secadv_20140813.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Identity Provider (IdP)",
              "vendor": "Shibboleth; OpenSAML Java",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.4.1"
                }
              ]
            },
            {
              "product": "OpenSAML Java",
              "vendor": "Shibboleth; OpenSAML Java",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.6.2"
                }
              ]
            }
          ],
          "datePublic": "2014-08-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Other",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-04T13:38:16.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "60816",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/60816"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://shibboleth.net/community/advisories/secadv_20140813.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2014-3603",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Identity Provider (IdP)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 2.4.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "OpenSAML Java",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 2.6.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Shibboleth; OpenSAML Java"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Other"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "60816",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/60816"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823"
                },
                {
                  "name": "http://shibboleth.net/community/advisories/secadv_20140813.txt",
                  "refsource": "CONFIRM",
                  "url": "http://shibboleth.net/community/advisories/secadv_20140813.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2014-3603",
        "datePublished": "2019-04-04T13:38:16.000Z",
        "dateReserved": "2014-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:50:17.020Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0489 (GCVE-0-2018-0489)

    Vulnerability from cvelistv5 – Published: 2018-02-27 15:00 – Updated: 2024-08-05 03:28
    VLAI
    Summary
    Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486.
    Severity
    No CVSS data available.
    CWE
    • obtain sensitive information or conduct impersonation attacks
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Shibboleth XMLTooling-C before 1.6.4 Affected: Shibboleth XMLTooling-C before 1.6.4
    Date Public
    2018-02-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:28:11.071Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040435",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040435"
              },
              {
                "name": "103172",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103172"
              },
              {
                "name": "DSA-4126",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4126"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20180227.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt"
              },
              {
                "name": "[debian-lts-announce] 20180228 [SECURITY] [DLA 1296-1] xmltooling security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00031.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Shibboleth XMLTooling-C before 1.6.4",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Shibboleth XMLTooling-C before 1.6.4"
                }
              ]
            }
          ],
          "datePublic": "2018-02-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "obtain sensitive information or conduct impersonation attacks",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T09:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "1040435",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040435"
            },
            {
              "name": "103172",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103172"
            },
            {
              "name": "DSA-4126",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4126"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20180227.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt"
            },
            {
              "name": "[debian-lts-announce] 20180228 [SECURITY] [DLA 1296-1] xmltooling security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00031.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2018-0489",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Shibboleth XMLTooling-C before 1.6.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Shibboleth XMLTooling-C before 1.6.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "obtain sensitive information or conduct impersonation attacks"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040435",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040435"
                },
                {
                  "name": "103172",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103172"
                },
                {
                  "name": "DSA-4126",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4126"
                },
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20180227.txt",
                  "refsource": "CONFIRM",
                  "url": "https://shibboleth.net/community/advisories/secadv_20180227.txt"
                },
                {
                  "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt"
                },
                {
                  "name": "[debian-lts-announce] 20180228 [SECURITY] [DLA 1296-1] xmltooling security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00031.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2018-0489",
        "datePublished": "2018-02-27T15:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:28:11.071Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0486 (GCVE-0-2018-0486)

    Vulnerability from cvelistv5 – Published: 2018-01-13 18:00 – Updated: 2024-08-05 03:28
    VLAI
    Summary
    Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD.
    Severity
    No CVSS data available.
    CWE
    • mishandles digital signatures
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a XMLTooling-C before 1.6.3 Affected: XMLTooling-C before 1.6.3
    Date Public
    2018-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:28:11.047Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4085",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4085"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-security-announce/2018/msg00007.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://shibboleth.net/community/advisories/secadv_20180112.txt"
              },
              {
                "name": "[debian-lts-announce] 20180114 [SECURITY] [DLA 1242-1] xmltooling security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00016.html"
              },
              {
                "name": "1040177",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040177"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "XMLTooling-C before 1.6.3",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "XMLTooling-C before 1.6.3"
                }
              ]
            }
          ],
          "datePublic": "2018-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "mishandles digital signatures",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-02T10:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "DSA-4085",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4085"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lists.debian.org/debian-security-announce/2018/msg00007.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://shibboleth.net/community/advisories/secadv_20180112.txt"
            },
            {
              "name": "[debian-lts-announce] 20180114 [SECURITY] [DLA 1242-1] xmltooling security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00016.html"
            },
            {
              "name": "1040177",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040177"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2018-0486",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "XMLTooling-C before 1.6.3",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "XMLTooling-C before 1.6.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "mishandles digital signatures"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4085",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4085"
                },
                {
                  "name": "https://lists.debian.org/debian-security-announce/2018/msg00007.html",
                  "refsource": "MISC",
                  "url": "https://lists.debian.org/debian-security-announce/2018/msg00007.html"
                },
                {
                  "name": "https://shibboleth.net/community/advisories/secadv_20180112.txt",
                  "refsource": "MISC",
                  "url": "https://shibboleth.net/community/advisories/secadv_20180112.txt"
                },
                {
                  "name": "[debian-lts-announce] 20180114 [SECURITY] [DLA 1242-1] xmltooling security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00016.html"
                },
                {
                  "name": "1040177",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040177"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2018-0486",
        "datePublished": "2018-01-13T18:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:28:11.047Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CERTFR-2025-AVI-0753

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans Shibboleth Service Provider, plus particulièrement dans le greffon ODBC. Elle permet à un attaquant de provoquer une injection SQL (SQLi).

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Shibboleth N/A Shibboleth Service Provider versions antérieures à V3.5.1
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Shibboleth Service Provider versions ant\u00e9rieures \u00e0 V3.5.1",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Shibboleth",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [],
      "links": [],
      "reference": "CERTFR-2025-AVI-0753",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-09-04T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection SQL (SQLi)"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Shibboleth Service Provider, plus particuli\u00e8rement dans le greffon ODBC. Elle permet \u00e0 un attaquant de provoquer une injection SQL (SQLi).",
      "title": "Vuln\u00e9rabilit\u00e9 dans Shibboleth Service Provider",
      "vendor_advisories": [
        {
          "published_at": "2025-09-03",
          "title": "Bulletin de s\u00e9curit\u00e9 Shibboleth secadv_20250903",
          "url": "https://shibboleth.net/community/advisories/secadv_20250903.txt"
        }
      ]
    }

    CERTFR-2025-AVI-0731

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans Shibboleth Identity Provider. Elles permettent à un attaquant de provoquer une injection de code indirecte à distance (XSS).

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Shibboleth Identity Provider Identity Provider versions antérieures à V5.1.6
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Identity Provider versions ant\u00e9rieures \u00e0 V5.1.6",
          "product": {
            "name": "Identity Provider",
            "vendor": {
              "name": "Shibboleth",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [],
      "links": [],
      "reference": "CERTFR-2025-AVI-0731",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-08-27T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Shibboleth Identity Provider. Elles permettent \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance (XSS).",
      "title": "Vuln\u00e9rabilit\u00e9 dans Shibboleth Identity Provider",
      "vendor_advisories": [
        {
          "published_at": "2025-08-26",
          "title": "Bulletin de s\u00e9curit\u00e9 Shibboleth secadv_20250826",
          "url": "https://shibboleth.net/community/advisories/secadv_20250826.txt"
        }
      ]
    }

    VAR-201508-0600

    Vulnerability from variot - Updated: 2023-12-18 12:20

    XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of service (crash) via schema-invalid XML data. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. A security vulnerability exists in versions prior to Advantech WebAccess 8.1 that could be exploited by a remote attacker to cause a denial of service (out of bounds memory access). XMLTooling-C is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application using affected library to crash, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512


    Debian Security Advisory DSA-3321-1 security@debian.org https://www.debian.org/security/ Alessandro Ghedini July 30, 2015 https://www.debian.org/security/faq


    Package : xmltooling CVE ID : CVE-2015-0851 Debian Bug : 793855

    The InCommon Shibboleth Training team discovered that XMLTooling, a C++ XML parsing library, did not properly handle an exception when parsing well-formed but schema-invalid XML.

    For the oldstable distribution (wheezy), this problem has been fixed in version 1.4.2-5+deb7u1.

    For the stable distribution (jessie), this problem has been fixed in version 1.5.3-2+deb8u1.

    For the unstable distribution (sid), this problem will be fixed shortly.

    We recommend that you upgrade your xmltooling packages.

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iQIcBAEBCgAGBQJVuoLsAAoJEK+lG9bN5XPLpgUP/07/YpmqvpItmNLfLvnE5yRD lLBc5TgD1oOOcV9SWk8fMdwU+YQ/uWOaBOYWXLwmTgriSXZgLSTUVn3BhWp9o7AQ /7E0wCBGrRErx/cQ1FOrRXAaZhXPgimaL9+7RPs+wkruIUyjhzHcj+TR13CkdHIE GI6Ah1NwuMWmqADXZd+XM3nV7Lieg9JBoXxsn0ZSY/7/BwwZh/HSME81+JmEvmTW OL+knet01hwVH39XI7fGgnpfRqxqTNf1gqmAu4Q0lbHcVClLDYtZlPpUQ55/evks rNyFaN5QmzMhZiiAcy6yakVKKFx/fdrAKog9xtfTUicBmkxFREQfy+CjhY7GmY4o o1S4DcV52z5YC3emSHUyQxqlwrKUzJznfVzjCLb289kS7JaySuYRuPM64y33Wyom nqXFZfjzgPIjskBqdxrctabDIcTHy0Mk+97yyMC8R8Wkw/00pzhcu6AIhGczSkCO cyOGOvdaDKFSj0RDqgJWuFtuKiJVSaClMJZTYNJATlKXeHtVHFptSo5POQAFXOEt BBeMRlw+gYhykNIjZTewHhiv/R27bjGaoV1lIcc3MMo6vhbOGmp6rjnMfTUYLO85 eDiiGn406vBB/4C5vvfSBBLpdnm6cSLQHHfLXGpU7wdIh2O1YAIo24Qp6Y9Njo5p p0yQgYhONZ0+MuBclNES =Jzdd -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201508-0600",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "xmltooling",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "xmltooling",
            "version": "1.5.4"
          },
          {
            "model": "opensaml",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "shibboleth",
            "version": "-c 2.5.5"
          },
          {
            "model": "service provider",
            "scope": null,
            "trust": 0.8,
            "vendor": "shibboleth",
            "version": null
          },
          {
            "model": "xmltooling",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "shibboleth",
            "version": "-c 1.5.5"
          },
          {
            "model": "webaccess",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "advantech",
            "version": "8.1"
          },
          {
            "model": "xmltooling",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "xmltooling",
            "version": "1.5.4"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "db": "BID",
            "id": "76134"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0851"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:xmltooling_project:xmltooling:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.5.4",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-0851"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Scott Cantor",
        "sources": [
          {
            "db": "BID",
            "id": "76134"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-0851",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.0,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2015-0851",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2016-00428",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2015-0851",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-00428",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201508-095",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0851"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of service (crash) via schema-invalid XML data. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. A security vulnerability exists in versions prior to Advantech WebAccess 8.1 that could be exploited by a remote attacker to cause a denial of service (out of bounds memory access). XMLTooling-C is prone to a denial-of-service vulnerability. \nRemote attackers can exploit this issue to cause the application using affected library to crash, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3321-1                   security@debian.org\nhttps://www.debian.org/security/                       Alessandro Ghedini\nJuly 30, 2015                         https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : xmltooling\nCVE ID         : CVE-2015-0851\nDebian Bug     : 793855\n\nThe InCommon Shibboleth Training team discovered that XMLTooling, a\nC++ XML parsing library, did not properly handle an exception when\nparsing well-formed but schema-invalid XML. \n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.4.2-5+deb7u1. \n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.5.3-2+deb8u1. \n\nFor the unstable distribution (sid), this problem will be fixed shortly. \n\nWe recommend that you upgrade your xmltooling packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIcBAEBCgAGBQJVuoLsAAoJEK+lG9bN5XPLpgUP/07/YpmqvpItmNLfLvnE5yRD\nlLBc5TgD1oOOcV9SWk8fMdwU+YQ/uWOaBOYWXLwmTgriSXZgLSTUVn3BhWp9o7AQ\n/7E0wCBGrRErx/cQ1FOrRXAaZhXPgimaL9+7RPs+wkruIUyjhzHcj+TR13CkdHIE\nGI6Ah1NwuMWmqADXZd+XM3nV7Lieg9JBoXxsn0ZSY/7/BwwZh/HSME81+JmEvmTW\nOL+knet01hwVH39XI7fGgnpfRqxqTNf1gqmAu4Q0lbHcVClLDYtZlPpUQ55/evks\nrNyFaN5QmzMhZiiAcy6yakVKKFx/fdrAKog9xtfTUicBmkxFREQfy+CjhY7GmY4o\no1S4DcV52z5YC3emSHUyQxqlwrKUzJznfVzjCLb289kS7JaySuYRuPM64y33Wyom\nnqXFZfjzgPIjskBqdxrctabDIcTHy0Mk+97yyMC8R8Wkw/00pzhcu6AIhGczSkCO\ncyOGOvdaDKFSj0RDqgJWuFtuKiJVSaClMJZTYNJATlKXeHtVHFptSo5POQAFXOEt\nBBeMRlw+gYhykNIjZTewHhiv/R27bjGaoV1lIcc3MMo6vhbOGmp6rjnMfTUYLO85\neDiiGn406vBB/4C5vvfSBBLpdnm6cSLQHHfLXGpU7wdIh2O1YAIo24Qp6Y9Njo5p\np0yQgYhONZ0+MuBclNES\n=Jzdd\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-0851"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "db": "BID",
            "id": "76134"
          },
          {
            "db": "PACKETSTORM",
            "id": "132904"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-0851",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "76134",
            "trust": 1.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "132904",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "db": "BID",
            "id": "76134"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "db": "PACKETSTORM",
            "id": "132904"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0851"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ]
      },
      "id": "VAR-201508-0600",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          }
        ],
        "trust": 1.03267184
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:20:39.781000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cpp-xmltooling.git / commitdiff",
            "trust": 0.8,
            "url": "https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commitdiff;h=2d795c731e6729309044607154978696a87fd900"
          },
          {
            "title": "[21 July 2015]",
            "trust": 0.8,
            "url": "http://shibboleth.net/community/advisories/secadv_20150721.txt"
          },
          {
            "title": "Advantech WebAccess denial of service vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/70373"
          },
          {
            "title": "cpp-xmltooling.git-2d795c731e6729309044607154978696a87fd900",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=57194"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-189",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0851"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "http://shibboleth.net/community/advisories/secadv_20150721.txt"
          },
          {
            "trust": 1.6,
            "url": "http://www.debian.org/security/2015/dsa-3321"
          },
          {
            "trust": 1.4,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0851"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/76134"
          },
          {
            "trust": 1.0,
            "url": "https://git.shibboleth.net/view/?p=cpp-xmltooling.git%3ba=commitdiff%3bh=2d795c731e6729309044607154978696a87fd900"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0851"
          },
          {
            "trust": 0.6,
            "url": "https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commitdiff;h=2d795c731e6729309044607154978696a87fd900"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0851"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "db": "PACKETSTORM",
            "id": "132904"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0851"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "db": "BID",
            "id": "76134"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "db": "PACKETSTORM",
            "id": "132904"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0851"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "date": "2015-07-21T00:00:00",
            "db": "BID",
            "id": "76134"
          },
          {
            "date": "2015-08-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "date": "2015-08-03T01:17:30",
            "db": "PACKETSTORM",
            "id": "132904"
          },
          {
            "date": "2015-08-12T14:59:01.793000",
            "db": "NVD",
            "id": "CVE-2015-0851"
          },
          {
            "date": "2015-08-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-00428"
          },
          {
            "date": "2015-08-12T22:42:00",
            "db": "BID",
            "id": "76134"
          },
          {
            "date": "2015-08-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          },
          {
            "date": "2023-11-07T02:23:35.317000",
            "db": "NVD",
            "id": "CVE-2015-0851"
          },
          {
            "date": "2015-08-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "132904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OpenSAML-C and  Shibboleth Service Provider Used in  XMLTooling-C Service disruption in  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-004047"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201508-095"
          }
        ],
        "trust": 0.6
      }
    }