Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS05MzI3LW1xbTYteDk3as4AAWQL
SimpleSAMLphp Information leakage issue in the sanitycheck module
The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors.
Permalink: https://github.com/advisories/GHSA-9327-mqm6-x97jJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05MzI3LW1xbTYteDk3as4AAWQL
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: 10 days ago
CVSS Score: 5.3
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Identifiers: GHSA-9327-mqm6-x97j, CVE-2016-3124
References:
- https://nvd.nist.gov/vuln/detail/CVE-2016-3124
- https://simplesamlphp.org/security/201603-01
- http://www.securityfocus.com/bid/96134
- https://github.com/FriendsOfPHP/security-advisories/blob/master/simplesamlphp/simplesamlphp/CVE-2016-3124.yaml
- https://github.com/advisories/GHSA-9327-mqm6-x97j
Affected Packages
packagist:simplesamlphp/simplesamlphp
Dependent packages: 163Dependent repositories: 318
Downloads: 8,356,560 total
Affected Version Ranges: < 1.14.1
Fixed in: 1.14.1
All affected versions: 1.12.0, 1.13.0, 1.13.1, 1.13.2, 1.14.0
All unaffected versions: 1.14.1, 1.14.2, 1.14.3, 1.14.4, 1.14.5, 1.14.6, 1.14.7, 1.14.8, 1.14.9, 1.14.10, 1.14.11, 1.14.12, 1.14.13, 1.14.14, 1.14.15, 1.14.16, 1.14.17, 1.15.0, 1.15.1, 1.15.2, 1.15.3, 1.15.4, 1.16.0, 1.16.1, 1.16.2, 1.16.3, 1.17.0, 1.17.1, 1.17.2, 1.17.3, 1.17.4, 1.17.5, 1.17.6, 1.17.7, 1.17.8, 1.18.0, 1.18.1, 1.18.2, 1.18.3, 1.18.4, 1.18.5, 1.18.6, 1.18.7, 1.18.8, 1.18.9, 1.19.0, 1.19.1, 1.19.2, 1.19.3, 1.19.4, 1.19.5, 1.19.6, 1.19.7, 1.19.8, 1.19.9, 2.0.0, 2.0.1, 2.0.2, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.2.0, 2.2.0, 2.2.1, 2.2.2, 99.99.99