Описание
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 3.3.0+dfsg1-1 |
| esm-apps/focal | released | 3.0.4+dfsg1-1ubuntu0.1 |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | not-affected | 3.3.0+dfsg1-1 |
| esm-infra-legacy/trusty | DNE | |
| focal | released | 3.0.4+dfsg1-1ubuntu0.1 |
| groovy | ignored | end of life |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
Показывать по
10
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE |
Показывать по
10
Ссылки на источники
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
почти 5 лет назад
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
CVSS3: 5.3
debian
почти 5 лет назад
Shibboleth Service Provider before 3.2.1 allows content injection beca ...
CVSS3: 5.3
github
больше 3 лет назад
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
5 Medium
CVSS2
5.3 Medium
CVSS3