The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for fraction-of-seconds data in a timestamp.
References
Link | Resource |
---|---|
https://simplesamlphp.org/security/201801-01 | Vendor Advisory |
https://www.debian.org/security/2018/dsa-4127 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-02-02T01:00:00
Updated: 2018-03-03T10:57:01
Reserved: 2018-02-01T00:00:00
Link: CVE-2018-6519
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-02-02T01:29:00.230
Modified: 2018-10-03T18:12:42.610
Link: CVE-2018-6519
JSON object: View
Redhat Information
No data.
CWE