Описание
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | needs-triage |
Показывать по
10
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.4.3-1 |
| hardy | DNE | |
| lucid | released | 2.3-1ubuntu0.1 |
| maverick | released | 2.3-2+squeeze1build0.10.10.1 |
| natty | ignored | end of life |
| oneiric | not-affected | 2.4.3-1 |
| precise | not-affected | 2.4.3-1 |
| quantal | not-affected | 2.4.3-1 |
| upstream | released | 2.4.3-1 |
Показывать по
10
Ссылки на источники
5.8 Medium
CVSS2
Связанные уязвимости
nvd
больше 14 лет назад
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
debian
больше 14 лет назад
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, ...
5.8 Medium
CVSS2