Every CVE whose affected-product data names Simplesamlphp Saml2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2016-9814 — CVSS 9.1 (critical): The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x…
CVE-2018-7711 — CVSS 8.1 (high): HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation…
CVE-2018-6519 — CVSS 7.5 (high): The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service…
CVE-2023-49087 — CVSS 6.8 (medium): xml-security is a library that implements XML signatures and encryption. Validation of an XML signature requires verification that the hash…