All 5 CVE vulnerabilities found in Saml2, with AI-generated Chinese analysis, references, and POCs.

Vendor: Sustainsys

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-27773 | SimpleSAMLphp SAML2 library has incorrect signature verification for HTTP-Redirect binding CWE-347 | 8.6 | High | 2025-03-11 |
| CVE-2024-52806 | SimpleSAMLphp SAML2 has an XXE in parsing SAML messages CWE-611 | 8.3 | High | 2024-12-02 |
| CVE-2023-41890 | Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation CWE-289 | 7.5 | High | 2023-09-19 |
| CVE-2020-5268 | Subject Confirmation Method not validated in Saml2 Authentication Services for ASP.NET CWE-303 | 6.5 | Medium | 2020-04-21 |
| CVE-2020-5261 | Missing Token Replay Detection CWE-294 | 8.2 | High | 2020-03-25 |