CVE-2023-26267

Published: Feb 21, 2023Modified: Mar 14, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

php-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver user because resolving XML external entities was silently enabled via \LIBXML_DTDLOAD | \LIBXML_DTDATTR.

Affected (2)

Products: Php Saml Sp Project: Php Saml Sp

Php Saml Sp Project

1 product

Php Saml Sp

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Php Saml Sp Project Php Saml Sp	Before 1.1.1
Php Saml Sp Project Php Saml Sp	From 2.0.0 to 2.1.1

Related CWEs

CWE-611

Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

References (4)

https://git.sr.ht/~fkooman/php-saml-sp/commit/851f75b298a77e62d9022f1b170f662f5f7716d6

Source: cve@mitre.org

Patch

https://git.sr.ht/~fkooman/php-saml-sp/log

Source: cve@mitre.org

Patch

https://git.sr.ht/~fkooman/php-saml-sp/commit/851f75b298a77e62d9022f1b170f662f5f7716d6

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.sr.ht/~fkooman/php-saml-sp/log

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.