Skip to main content

Identity Provider

2 CVEs product

Monthly

CVE-2020-27978 HIGH This Week

Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Identity Provider
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2015-1796 Maven MEDIUM PATCH This Month

The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Java Identity Provider Opensaml Java
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 2% CVSS 7.5
HIGH This Week

Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Identity Provider
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Java Identity Provider +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy