simplesamlphp/xml-security Security Advisories for v1.6.11 (2)
-
[HIGH] simplesamlphp/xml-security: Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption
PKSA-sxbn-dpg6-6ng9 CVE-2026-32600 GHSA-r353-4845-pr5p
Affected version: <2.3.1
Reported by:
GitHub -
[HIGH] Validation of SignedInfo
PKSA-57qx-v755-bhs3 CVE-2023-49087 GHSA-ww7x-3gxh-qm6r
Affected version: =1.6.11
Reported by:
GitHub