The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp prior to 1.14.11 might allow remote malicious users to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simplesamlphp simplesamlphp |
||
debian debian linux 7.0 |