Medium severity4.0NVD Advisory· Published Mar 28, 2025· Updated Apr 15, 2026
CVE-2025-31335
CVE-2025-31335
Description
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords5 versionspkg:rpm/opensuse/opensaml&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/opensaml&distro=openSUSE%20Tumbleweedpkg:rpm/suse/opensaml&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6pkg:rpm/suse/opensaml&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/opensaml&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 3.1.0-150300.3.3.1+ 4 more
- (no CPE)range: < 3.1.0-150300.3.3.1
- (no CPE)range: < 3.3.1-2.1
- (no CPE)range: < 3.1.0-150300.3.3.1
- (no CPE)range: < 3.1.0-150300.3.3.1
- (no CPE)range: < 2.5.5-3.6.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.