| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-6521 | 7.5 |
The sqlauth module in SimpleSAMLphp before 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might be a scenario in which this allows remote attackers to bypass intended access restrictions
|
03-10-2019 - 00:03 | 02-02-2018 - 01:29 | |
| CVE-2017-18122 | 6.8 |
A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signatur
|
13-05-2019 - 17:40 | 02-02-2018 - 15:29 | |
| CVE-2017-18121 | 4.3 |
The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code on the victim's web browser.
|
13-05-2019 - 15:41 | 02-02-2018 - 15:29 |