CVE-2018-7711 – simplesamlphp/saml2

Package

Manager: composer
Name: simplesamlphp/saml2
Vulnerable Version: >=0 <1.10.6 || >=2.0 <2.3.8 || >=3.0 <3.1.4

Severity

Level: High

CVSS v3.1: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.0022 pctl0.44563

Details

SimpleSAMLphp saml2 incorrect signature validation HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP functionality that interprets a -1 error code as a true boolean value.

Metadata

Created: 2022-05-14T03:34:12Z
Modified: 2023-07-25T20:55:06Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-g888-g2pp-82hf/GHSA-g888-g2pp-82hf.json
CWE IDs: ["CWE-347"]
Alternative ID: GHSA-g888-g2pp-82hf
Finding: F204
Auto approve: 1