Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shibboleth opensaml java vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-1796
The PKIX trust engines in Shibboleth Identity Provider prior to 2.4.4 and OpenSAML Java (OpenSAML-J) prior to 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID, which allows remote malicious users to impersonate an entity via a certifica...
Shibboleth Identity Provider
Shibboleth Opensaml Java
4.3
CVSSv2
CVE-2014-3603
The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) prior to 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.50...
Shibboleth Identity Provider
Shibboleth Opensaml Java
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started