simplesamlphp Cyber Security Vulnerability Stats and Metrics

SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion

CVE-2026-46491

SimplesamlPHPSimplesamlPHP-module-c...8.6HIGH

Vulnerability in SimpleSAMLphp-casserver for CAS 1.0 and 2.0 by SimpleSAMLphp

CVE-2025-65954

SimplesamlPHPSimplesamlPHP-module-c...4.7MEDIUM

XML Security Library Vulnerability in SimpleSAMLphp

CVE-2026-32600

SimplesamlPHPXml-security8.2HIGH

Signature Confusion Vulnerability in SimpleSAMLphp SAML2 Library

CVE-2025-27773

SimplesamlPHPSaml28.6HIGH

Untrusted XML Documents Can Cause XXE Vulnerability in SimpleSAMLphp xml-common

CVE-2024-52596

SimplesamlPHPXml-common

Fixed XXE vulnerability in SAML2 library

CVE-2024-52806

SimplesamlPHPSaml28.3HIGH

Validation of SignedInfo

CVE-2023-49087

simplesamlphpxml-security7.5HIGH

simplesamlphp simplesamlphp-module-openidprovider trust.tpl.php cross site scripting

CVE-2010-10008

SimplesamlPHPSimplesamlPHP-module-o...3.5LOW

Information Cards Module cross site scripting

CVE-2010-10004

SimplesamlPHPInformation Cards Module3.5LOW

SimpleSAMLphp simplesamlphp-module-openid OpenID consumer.php cross site scripting

CVE-2010-10002

SimplesamlPHPSimplesamlPHP-module-o...6.1MEDIUM

simpleSAMLphp Authentication <= 0.7.0 Reflected Cross-Site Scripting

CVE-2021-38320

SimplesamlPHP Aut...SimplesamlPHP Authenti...6.1MEDIUM

Information disclosure of source code in SimpleSAMLphp

CVE-2020-5301

SimplesamlPHPSimplesamlPHP3LOW

Cross-site scripting in SimpleSAMLphp

CVE-2020-5226

SimplesamlPHPSimplesamlPHP4.4MEDIUM

Log injection in SimpleSAMLphp

CVE-2020-5225

SimplesamlPHPSimplesamlPHP4.4MEDIUM

XML Encryption Flaw in SimpleSAMLphp Affects Multiple Versions

CVE-2011-4625

SimplesamlPHPSimplesamlPHP7.5HIGH

Signature Validation Vulnerability in SimpleSAMLphp Library

CVE-2018-7711

SimplesamlPHPSimplesamlPHP8.1HIGH

SAML Assertion Signature Verification Issue in SimpleSAMLphp

CVE-2018-7644

SimplesamlPHPSimplesamlPHP7.5HIGH

Cross-Site Scripting Vulnerability in SimpleSAMLphp by SimpleSAML

CVE-2017-18121

SimplesamlPHPSimplesamlPHP6.1MEDIUM

Signature-Validation Bypass in SimpleSAMLphp by SimpleSAMLphp

CVE-2017-18122

SimplesamlPHPSimplesamlPHP8.1HIGH

Regular Expression Denial of Service in SimpleSAMLphp by Lasso Inc.

CVE-2018-6519

SimplesamlPHPSaml27.5HIGH

Open Redirect Flaw in SimpleSAMLphp by SimpleSAML

CVE-2018-6520

SimplesamlPHPSimplesamlPHP6.1MEDIUM

Access Bypass Vulnerability in SimpleSAMLphp's sqlauth Module

CVE-2018-6521

SimplesamlPHPSimplesamlPHP9.8CRITICAL

Encryption Bypass in SimpleSAMLphp by Utilizing Initialization Vector

CVE-2017-12871

SimplesamlPHPSimplesamlPHP5.9MEDIUM

Timing Side-Channel Vulnerability in SimpleSAMLphp Authcrypt Module

CVE-2017-12872

SimplesamlPHPSimplesamlPHP5.9MEDIUM

Information Disclosure Risk in SimpleSAMLphp by Launching Attacks on Misconfigured Identity Providers

CVE-2017-12873

SimplesamlPHPSimplesamlPHP9.8CRITICAL

Vulnerability Published:

Sort By:

9 June 2026

SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion

18 May 2026

Vulnerability in SimpleSAMLphp-casserver for CAS 1.0 and 2.0 by SimpleSAMLphp

13 March 2026

XML Security Library Vulnerability in SimpleSAMLphp

11 March 2025

Signature Confusion Vulnerability in SimpleSAMLphp SAML2 Library

2 December 2024

Untrusted XML Documents Can Cause XXE Vulnerability in SimpleSAMLphp xml-common

Fixed XXE vulnerability in SAML2 library

30 November 2023

Validation of SignedInfo

17 January 2023

simplesamlphp simplesamlphp-module-openidprovider trust.tpl.php cross site scripting

9 January 2023

Information Cards Module cross site scripting

1 January 2023

SimpleSAMLphp simplesamlphp-module-openid OpenID consumer.php cross site scripting

9 September 2021

simpleSAMLphp Authentication <= 0.7.0 Reflected Cross-Site Scripting

21 April 2020

Information disclosure of source code in SimpleSAMLphp

24 January 2020

Cross-site scripting in SimpleSAMLphp

Log injection in SimpleSAMLphp

6 November 2019

XML Encryption Flaw in SimpleSAMLphp Affects Multiple Versions

5 March 2018

Signature Validation Vulnerability in SimpleSAMLphp Library

SAML Assertion Signature Verification Issue in SimpleSAMLphp

2 February 2018

Cross-Site Scripting Vulnerability in SimpleSAMLphp by SimpleSAML

Signature-Validation Bypass in SimpleSAMLphp by SimpleSAMLphp

Regular Expression Denial of Service in SimpleSAMLphp by Lasso Inc.

Open Redirect Flaw in SimpleSAMLphp by SimpleSAML

Access Bypass Vulnerability in SimpleSAMLphp's sqlauth Module

1 September 2017

Encryption Bypass in SimpleSAMLphp by Utilizing Initialization Vector

Timing Side-Channel Vulnerability in SimpleSAMLphp Authcrypt Module

Information Disclosure Risk in SimpleSAMLphp by Launching Attacks on Misconfigured Identity Providers