VYPR

rpm package

opensuse/shibboleth-sp&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/shibboleth-sp&distro=openSUSE%20Tumbleweed

Vulnerabilities (1)

  • CVE-2025-9943CriSep 10, 2025
    affected < 3.5.1-1.1fixed 3.5.1-1.1

    An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL in