CVE-2017-12874

CVE-2017-12874

EPSS 1.3%

The InfoCard module 1.0 for SimpleSAMLphp allows attackers to spoof XML messages by leveraging an incorrect check of return values in signature validation utilities.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://lists.debian.org/debian-lts-announce/2017/12/msg00007.html https://simplesamlphp.org/security/201612-03 https://www.debian.org/security/2018/dsa-4127