rpm package
opensuse/shibboleth-sp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/shibboleth-sp&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-9943 | Cri | 9.1 | < 3.5.1-1.1 | 3.5.1-1.1 | Sep 10, 2025 | An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL in |
- affected < 3.5.1-1.1fixed 3.5.1-1.1
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL in