simplesamlphp/saml2-legacy Security Advisories for v4.20.0 (2)
-
[HIGH] SimpleSAMLphp has Possible DoS via XPath Transform
PKSA-11bv-m3wk-h9sn CVE-2026-49289 GHSA-5cjr-mxj5-wmrx
Affected version: <=4.20.2
Reported by:
GitHub -
[HIGH] SimpleSAMLphp HTTP-Artifact TLS validator confusion allows cross-IdP authentication bypass
PKSA-4y26-97zb-p98g CVE-2026-49283 GHSA-6929-8p9f-26jx
Affected version: <4.20.2
Reported by:
GitHub