CVE-2024-52806

Name: CVE-2024-52806
Description: SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an untrusted XML document, for example the SAMLResponse, it is possible to induce an XML External Entity (XXE) injection. This vulnerability is fixed in 4.6.14 and 5.0.0-alpha.18.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DLA-3981-1, DSA-5822-1, ELA-1266-1
Debian Bugs: 1088904

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package      | Release                                     | Version           | Status
simplesamlphp (PTS) | jessie, jessie (lts)                        | 1.13.1-2+deb8u3   | vulnerable
simplesamlphp (PTS) | stretch (security), stretch (lts), stretch  | 1.14.11-1+deb9u2  | vulnerable
simplesamlphp (PTS) | buster, buster (lts)                        | 1.16.3-1+deb10u3  | fixed
simplesamlphp (PTS) | buster (security)                           | 1.16.3-1+deb10u1  | vulnerable
simplesamlphp (PTS) | bullseye                                    | 1.19.0-1          | vulnerable
simplesamlphp (PTS) | bullseye (security)                         | 1.19.0-1+deb11u1  | fixed
simplesamlphp (PTS) | bookworm (security)                         | 1.19.7-1+deb12u1  | fixed
simplesamlphp (PTS) | sid, trixie, bookworm                       | 1.19.7-1          | vulnerable

The information below is based on the following data on fixed versions.

Package       | Type   | Release    | Fixed Version     | Urgency     | Origin     | Debian Bugs
simplesamlphp | source | jessie     | (unfixed)         | end-of-life |            |
simplesamlphp | source | stretch    | (unfixed)         | end-of-life |            |
simplesamlphp | source | buster     | 1.16.3-1+deb10u3  |             | ELA-1266-1 |
simplesamlphp | source | bullseye   | 1.19.0-1+deb11u1  |             | DLA-3981-1 |
simplesamlphp | source | bookworm   | 1.19.7-1+deb12u1  |             | DSA-5822-1 |
simplesamlphp | source | (unstable) | (unfixed)         |             |            | 1088904

Notes

https://github.com/simplesamlphp/saml2/security/advisories/GHSA-pxm4-r5ph-q2m2
https://github.com/simplesamlphp/saml2/commit/5fd4ce4596656fb0c1278f15b8305825412e89f7 (v4.16.14)
