Xmltooling

xmltooling

Vendor: Shibboleth • 1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-36661 2Debian Shibboleth 2Debian Linux Xmltooling May 5, 2025 Jun 25, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)