Download
| Alert*
|
oval:org.mitre.oval:def:7994
Several vulnerabilities have been discovered in the opensaml and shibboleth-sp packages, as used by Shibboleth 1.x: Chris Ries discovered that decoding a crafted URL leads to a crash (and potentially, arbitrary code execution). Ian Young discovered that embedded NUL characters in certificate names w ... oval:org.mitre.oval:def:8365 Several vulnerabilities have been discovered in the xmltooling packages, as used by Shibboleth: Chris Ries discovered that decoding a crafted URL leads to a crash (and potentially, arbitrary code execution). Ian Young discovered that embedded NUL characters in certificate names were not correctly ha ... oval:org.secpod.oval:def:600255 Several vulnerabilities have been discovered in the xmltooling packages, as used by Shibboleth: Chris Ries discovered that decoding a crafted URL leads to a crash . Ian Young discovered that embedded NUL characters in certificate names were not correctly handled, exposing configurations using PKIX t ... oval:org.secpod.oval:def:600495 In DSA-1895-1, the xmltooling package was updated to address several security issues. It turns out that the change related to SAML metadata processing for key constraints caused problems when applied without the matching changes in the opensaml2 and shibboleth-sp2 packages. For the stable distributi ... oval:org.secpod.oval:def:600370 Several vulnerabilities have been discovered in the opensaml and shibboleth-sp packages, as used by Shibboleth 1.x: Chris Ries discovered that decoding a crafted URL leads to a crash . Ian Young discovered that embedded NUL characters in certificate names were not correctly handled, exposing configu ... |
