Internet2 Shibboleth-Sp vulnerabilities

CVE-2025-9943 [CRITICAL] CVE-2025-9943: An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing for the ext

CVE-2021-31826 [HIGH] CVE-2021-31826: Shibboleth Service Provider 3 Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied.

CVE-2021-28963 [MEDIUM] CVE-2021-28963: Shibboleth Service Provider before 3 Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.

CVE-2019-19191 [HIGH] CVE-2019-19191: Shibboleth Service Provider (SP) 3 Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.

CVE-2009-3300 [LOW] CVE-2009-3300: Multiple cross-site scripting (XSS) vulnerabilities in the Identity Provider (IdP) 1 Multiple cross-site scripting (XSS) vulnerabilities in the Identity Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via URLs that are encountered in redirections, and appear in automatically generated

CVE-2009-3476 [CRITICAL] CWE-119 CVE-2009-3476: Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1 Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL.

CVE-2009-3475 [HIGH] CVE-2009-3475: Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using P Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification

CVE-2009-3474 [HIGH] CWE-310 CVE-2009-3474: OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by Internet2 Shibboleth Service P OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by Internet2 Shibboleth Service Provider 2.x before 2.2.1, do not follow the KeyDescriptor element's Use attribute, which allows remote attackers to use a certificate for both signing and encryption when it is designated for just one purpose, potentially weakening the intended security a