Описание
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.3.1-2 |
| esm-apps/focal | released | 3.0.1-1ubuntu0.1 |
| esm-apps/jammy | released | 3.2.1-1ubuntu0.1 |
| esm-apps/noble | released | 3.2.1-4.1ubuntu0.24.04.1 |
| focal | released | 3.0.1-1ubuntu0.1 |
| jammy | released | 3.2.1-1ubuntu0.1 |
| noble | released | 3.2.1-4.1ubuntu0.24.04.1 |
| oracular | released | 3.2.1-4.1ubuntu0.24.10.1 |
| plucky | released | 3.3.0-2ubuntu1 |
| upstream | released | 3.3.1-1 |
Показывать по
10
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| esm-apps/bionic | released | 2.6.1-1ubuntu0.1~esm1 |
| esm-apps/xenial | released | 2.5.5-1ubuntu0.1+esm1 |
| trusty | ignored | end of ESM support, was needs-triage |
| upstream | DNE | |
| xenial | ignored | end of standard support |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 11%
0.00037
Низкий
4 Medium
CVSS3
Связанные уязвимости
CVSS3: 4
redhat
9 месяцев назад
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
CVSS3: 4
nvd
9 месяцев назад
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
CVSS3: 4
debian
9 месяцев назад
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML me ...
EPSS
Процентиль: 11%
0.00037
Низкий
4 Medium
CVSS3