simplesamlphp

Direct Vulnerabilities

Known vulnerabilities in the simplesamlphp package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
H Arbitrary Code Injection	<1.15.2-1
L Resource Management Errors	<1.14.10-1
M Cross-site Scripting (XSS)	<1.8.2-1
M Information Exposure	<1.14.15-1
L XML External Entity (XXE) Injection	<1.19.7-1+deb12u1
H Improper Verification of Cryptographic Signature	<1.15.0-1
M Cross-site Scripting (XSS)	<1.15.0-1
M Inadequate Encryption Strength	<1.14.15-1
H Improper Input Validation	<1.14.15-1
H Improper Verification of Cryptographic Signature	<1.15.3-1
M Open Redirect	<1.15.2-1
M Insufficient Session Expiration	<1.14.15-1
M Information Exposure	<1.14.15-1
H Improper Handling of Exceptional Conditions	<1.8.1-1
H Improper Verification of Cryptographic Signature	<1.17.6-2
L Information Exposure Through Log Files	<1.18.4-1
L Improper Verification of Cryptographic Signature	<1.19.7-2
C CVE-2018-6521	<1.15.2-1
L Information Exposure	<1.14.1-1
L Improper Input Validation	<1.14.11-1
M Cross-site Scripting (XSS)	<1.8.2-1
L XML External Entity (XXE) Injection	<1.19.7-1+deb12u1
M Cross-site Scripting (XSS)	<1.18.4-1
C Session Fixation	<1.14.15-1
H Improper Input Validation	<1.14.11-1
C Session Fixation	<1.14.11-1
H Improper Verification of Cryptographic Signature	<1.15.4-1