VYPR

Simplesamlphp Module Casserver

by Simplesamlphp

Source repositories

CVEs (3)

  • CVE-2026-46491HigJun 10, 2026
    risk 0.49cvss 8.6epss 0.00

    SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. Prior to version 7.0.3, simplesamlphp-module-casserver builds file paths for the file-based CAS ticket store by directly concatenating the configured ticket directory with an…

  • CVE-2025-65954MedMay 18, 2026
    risk 0.33cvss 6.1epss 0.00

    SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redirect to. casserver treats that url as trusted, and either (depending on…

  • CVE-2010-10002Jan 1, 2023
    risk 0.00cvss epss 0.01

    ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of the argument AuthState…