node-saml Latest Vulnerabilities

Latest vulnerabilities published by node-saml

JSON RSS CSV 🔔 Create Alert Trigger

28 July 2025

Vulnerability in Node-SAML SAML Library Allows Modification of Assertions
CVE-2025-54419
Node-SAMLNode-SAML

24 July 2025

Input Validation Flaw in Vulnerable Software from Vendor XYZ
CVE-2025-54369
Node-samlNode-saml9.3CRITICAL

2 May 2024

Default Configuration Flaw Allows Signature Spoofing in xml-crypto Library
CVE-2024-32962
Node-samlXml-cryptoEPSS 12%10CRITICAL

23 August 2023

@node-saml/node-saml's validatePostRequestAsync does not include checkTimestampsValidityError
CVE-2023-40178
Node-samlNode-saml5.3MEDIUM

13 October 2022

Signature bypass via multiple root elements in node-SAML
CVE-2022-39300
Node-samlNode-saml7.7HIGH

12 October 2022

Signature bypass via multiple root elements in Passport-SAML
CVE-2022-39299
Node-samlPassport-saml👾🟡EPSS 13%7.4HIGH

27 August 2021

Unlimited transforms allowed for signed nodes
CVE-2021-39171
Node-samlPassport-saml5.3MEDIUM