simplesamlphp prior to 1.6.3 (squeeze) and prior to 1.8.2 (sid) incorrectly handles XML encryption which could allow remote malicious users to decrypt or forge messages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simplesamlphp simplesamlphp |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |