CVE-2016-9955 in SimpleSAMLphpinformación

Resumen

por MITRE

The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

2016-12-15

Divulgación

2017-02-16

Moderación

aceptado

Artículo

VDB-97060

CPE

listo

CWE

CWE-20 (confirmado)

CVSS

6.3 (NVD)

EPSS

0.01188

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-9955
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9955
CVE Details	https://www.cvedetails.com/cve/CVE-2016-9955/

◂ Anterior Visión De Conjunto Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!