mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
77 lines
2.6 KiB
JSON
77 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2017-12873",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://github.com/simplesamlphp/simplesamlphp/commit/90dca835158495b173808273e7df127303b8b953",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/simplesamlphp/simplesamlphp/commit/90dca835158495b173808273e7df127303b8b953"
|
|
},
|
|
{
|
|
"name": "[debian-lts-announce] 20171212 [SECURITY] [DLA 1205-1] simplesamlphp security update",
|
|
"refsource": "MLIST",
|
|
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00007.html"
|
|
},
|
|
{
|
|
"name": "https://simplesamlphp.org/security/201612-04",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://simplesamlphp.org/security/201612-04"
|
|
},
|
|
{
|
|
"name": "DSA-4127",
|
|
"refsource": "DEBIAN",
|
|
"url": "https://www.debian.org/security/2018/dsa-4127"
|
|
}
|
|
]
|
|
}
|
|
} |