Filter

Software

shibboleth service provider
7
shibboleth identity provider
3
shibboleth opensaml
3
shibboleth opensaml java
2
shibboleth xmltooling-c
2
shibboleth oidc op
1
shibboleth shibboleth-identity-provider
1
shibboleth shibboleth-sp
1
shibboleth xmltooling
1

ubuntu/xmltoolingSSRF

high
7.5
First published (updated )
CVE-2023-36661

Shibboleth Service ProviderInsecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) bef…

high
7.3
First published (updated )
CVE-2023-22947

Shibboleth Oidc OpSSRF

high
8.2
First published (updated )
CVE-2022-24129

debian/shibboleth-spNull Pointer Dereference

high
7.5
First published (updated )
CVE-2021-31826

Shibboleth Service ProviderShibboleth Service Provider before 3.2.1 allows content injection because template generation uses a…

medium
5.3
First published (updated )
CVE-2021-28963

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Shibboleth Identity ProviderShibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated…

high
7.5
First published (updated )
CVE-2020-27978

Shibboleth Service ProviderShibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a…

high
7.8
First published (updated )
CVE-2019-19191

Debian Debian LinuxInfoleak

high
7.5
First published (updated )
CVE-2010-2450

Debian Debian LinuxShibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windo…

medium
6.5
First published (updated )
CVE-2018-0489

Debian Debian LinuxShibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows…

medium
6.5
First published (updated )
CVE-2018-0486

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Debian Debian LinuxThe DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAM…

high
8.1
First published (updated )
CVE-2017-16853

Debian Debian Linuxshibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Ser…

high
8.1
First published (updated )
CVE-2017-16852

Shibboleth Service ProviderInput Validation

medium
4
First published (updated )
CVE-2015-2684

Shibboleth Identity ProviderThe PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) b…

medium
4.3
First published (updated )
CVE-2015-1796

redhat/opensamlThe (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider …

medium
5.9
First published (updated )
CVE-2014-3603

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Shibboleth OpenSAMLInfoleak

medium
5
First published (updated )
CVE-2013-6440

Shibboleth Shibboleth-identity-providerShibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows …

medium
5.8
First published (updated )
CVE-2011-1411

Shibboleth Shibboleth-spBuffer Overflow

medium
5
First published (updated )
CVE-2011-2516

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203