VYPR
Moderate severityNVD Advisory· Published Nov 17, 2015· Updated Jun 17, 2026

CVE-2015-5217

CVE-2015-5217

Description

providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ipsilonPyPI
>= 0.1.0, < 1.2.01.2.0

Affected products

7
  • Ipsilon/Ipsilon6 versions
    cpe:2.3:a:ipsilon_project:ipsilon:0.1.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:ipsilon_project:ipsilon:0.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ipsilon_project:ipsilon:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ipsilon_project:ipsilon:0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ipsilon_project:ipsilon:0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ipsilon_project:ipsilon:0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ipsilon_project:ipsilon:1.0.0:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 0.1.0, < 1.2.0

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.