HIGH 7.5

GHSA-5cjr-mxj5-wmrx

SimpleSAMLphp has Possible DoS via XPath Transform

Details

## Summary

This library turned out to be vulnerable to Denial-of-Service attacks using XPath transforms. A mitigation has been put in place that limits the number of transforms in a signature reference and accepts only the transform algorithms mentioned in the SAML 2.0 Core specification, so XPath transforms are specifically refused.
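The mitigation described above, as an added example rather than the code shipped in the fixed release: a pre-check on a reference's `ds:Transforms` that caps the transform count and allows only the algorithms SAML 2.0 Core section 5.4.4 names (enveloped-signature and exclusive canonicalization). The cap of two, the function name and the constructed sample reference are assumptions.

```php
<?php
// Added example, not the simplesamlphp/saml2 fix itself: check the ds:Transform
// chain of a ds:Reference before any signature processing. It caps the number of
// transforms and allows only the algorithms SAML 2.0 Core section 5.4.4 permits.
declare(strict_types=1);

const DSIG_NS = 'http://www.w3.org/2000/09/xmldsig#';
const MAX_TRANSFORMS = 2; // assumed cap: enveloped-signature plus exclusive c14n
const ALLOWED_TRANSFORMS = [
    'http://www.w3.org/2000/09/xmldsig#enveloped-signature',
    'http://www.w3.org/2001/10/xml-exc-c14n#',
    'http://www.w3.org/2001/10/xml-exc-c14n#WithComments',
];

function assertSafeTransforms(DOMElement $reference): void
{
    $xpath = new DOMXPath($reference->ownerDocument);
    $xpath->registerNamespace('ds', DSIG_NS);
    $transforms = $xpath->query('./ds:Transforms/ds:Transform', $reference);
    if ($transforms->length > MAX_TRANSFORMS) {
        throw new RuntimeException("Too many transforms: {$transforms->length}");
    }
    foreach ($transforms as $transform) {
        // Any XPath transform (and anything else outside the allowlist) is refused.
        $alg = $transform->getAttribute('Algorithm');
        if (!in_array($alg, ALLOWED_TRANSFORMS, true)) {
            throw new RuntimeException("Disallowed transform algorithm: $alg");
        }
    }
}

// Constructed sample Reference carrying an XPath transform, as a crafted
// message might; the algorithm URI alone is enough for it to be rejected.
$xml = <<<XML
<ds:Reference xmlns:ds="http://www.w3.org/2000/09/xmldsig#" URI="#_assertion">
  <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
    <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"/>
  </ds:Transforms>
</ds:Reference>
XML;

$doc = new DOMDocument();
$doc->loadXML($xml);
try {
    assertSafeTransforms($doc->documentElement);
    echo "transforms accepted\n";
} catch (RuntimeException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
```

Running this check before any transform is applied means the expensive XPath evaluation never happens for a message that is going to be refused anyway.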

## Impact

An attacker can send specially crafted messages to any entity relying on SimpleSAMLphp (or directly on this SAML2 library) and thereby cause a Denial of Service.


## Affected packages

- Packagist / simplesamlphp/saml2: introduced in 0, fixed in 4.20.3. Fix: `composer require simplesamlphp/saml2:^4.20.3`
- Packagist / simplesamlphp/saml2-legacy: introduced in 0, fixed in 4.20.3. Fix: `composer require simplesamlphp/saml2-legacy:^4.20.3`
