Количество 4
Количество 4
CVE-2017-12870
SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers.
CVE-2017-12870
SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers.
CVE-2017-12870
SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle ...
GHSA-44pr-mgcp-v36r
SimpleSAMLphp Unauthenticated encryption in CBC mode
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-12870 SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers. | CVSS3: 5.9 | 0% Низкий | больше 8 лет назад |
 | CVE-2017-12870 SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers. | CVSS3: 5.9 | 0% Низкий | больше 8 лет назад |
| CVE-2017-12870 SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle ... | CVSS3: 5.9 | 0% Низкий | больше 8 лет назад |
| GHSA-44pr-mgcp-v36r SimpleSAMLphp Unauthenticated encryption in CBC mode | CVSS3: 5.9 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу