Critical severity9.1NVD Advisory· Published Jul 12, 2017· Updated Jun 17, 2026
CVE-2016-8638
CVE-2016-8638
Description
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active sessions from other users. It is also called a "SAML2 multi-session vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ipsilonPyPI | >= 2.0.0, < 2.0.2 | 2.0.2 |
ipsilonPyPI | >= 1.2.0, < 1.2.1 | 1.2.1 |
ipsilonPyPI | >= 1.1.0, < 1.1.2 | 1.1.2 |
ipsilonPyPI | >= 1.0.0, < 1.0.3 | 1.0.3 |
Affected products
9cpe:2.3:a:ipsilon_project:ipsilon:1.0.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:ipsilon_project:ipsilon:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ipsilon_project:ipsilon:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ipsilon_project:ipsilon:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ipsilon_project:ipsilon:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ipsilon_project:ipsilon:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ipsilon_project:ipsilon:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ipsilon_project:ipsilon:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ipsilon_project:ipsilon:2.0.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
15- pagure.io/ipsilon/c/511fa8b7001c2f9a42301aa1d4b85aaf170a461cnvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/94439nvdThird Party AdvisoryVDB EntryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-376m-3rm2-9jm6ghsaADVISORY
- ipsilon-project.org/advisory/CVE-2016-8638.txtnvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2016-8638ghsaADVISORY
- rhn.redhat.com/errata/RHSA-2016-2809.htmlnvdWEB
- access.redhat.com/errata/RHSA-2016:2809ghsaWEB
- access.redhat.com/security/cve/CVE-2016-8638ghsaWEB
- bugzilla.redhat.com/show_bug.cgighsaWEB
- github.com/ipsilon-project/ipsilon/commit/1c48414877fc110652b6078a29529972c7ec9122ghsaWEB
- github.com/ipsilon-project/ipsilon/commit/64fc366c054fc6af1d9d2692902db169884b5f78ghsaWEB
- github.com/ipsilon-project/ipsilon/commit/a33303b6beb5c316d7c18b23566b7666a4e307a4ghsaWEB
- github.com/ipsilon-project/ipsilon/commit/b4744a92d4fa7f6d7ade0ae2d99a2dc0ea94734dghsaWEB
- ipsilon-project.org/release/2.1.0.htmlnvdWEB
News mentions
0No linked articles in our index yet.