SimpleSAMLphp xml-common XXE vulnerability
When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE.
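A defensive way to load such a document, shown as an added example rather than the library's own code or its actual fix. `safeLoadXml()` is a hypothetical helper and both sample messages are constructed.

```php
<?php
declare(strict_types=1);

// Added example; safeLoadXml() is a hypothetical helper, not xml-common's API.
function safeLoadXml(string $xml): DOMDocument
{
    if (trim($xml) === '') {
        throw new InvalidArgumentException('Empty XML input');
    }
    $previous = libxml_use_internal_errors(true);
    try {
        $doc = new DOMDocument();
        // LIBXML_NONET blocks network fetches. LIBXML_NOENT, LIBXML_DTDLOAD and
        // LIBXML_DTDATTR are deliberately absent: they enable entity
        // substitution and external DTD loading.
        if (!$doc->loadXML($xml, LIBXML_NONET)) {
            throw new RuntimeException('Malformed XML');
        }
    } finally {
        libxml_clear_errors();
        libxml_use_internal_errors($previous);
    }
    // A SAML message has no use for a DTD, so any DOCTYPE is refused outright.
    foreach ($doc->childNodes as $node) {
        if ($node->nodeType === XML_DOCUMENT_TYPE_NODE) {
            throw new RuntimeException('DOCTYPE declarations are not allowed');
        }
    }
    return $doc;
}

// Constructed sample inputs (not real SAML traffic).
$samples = [
    'plain' => '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_a1"/>',
    'doctype' => '<!DOCTYPE r [<!ENTITY e "expanded">]>'
        . '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="&e;"/>',
];

foreach ($samples as $name => $xml) {
    try {
        $doc = safeLoadXml($xml);
        echo $name, ': accepted, root=', $doc->documentElement->nodeName, PHP_EOL;
    } catch (RuntimeException $e) {
        echo $name, ': rejected (', $e->getMessage(), ')', PHP_EOL;
    }
}
```

The DOCTYPE check runs after parsing, so it sees what the parser saw and does not depend on string matching against the raw input.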
Validation of an XML Signature requires verifying that the hash value of the related XML document (after any optional transformations and/or normalizations) matches a specific DigestValue, and also that the cryptographic signature on the SignedInfo tree (the one that contains the DigestValue) verifies and matches a trusted public key. Within the simpleSAMLphp/xml-security library (https://github.com/simplesamlphp/xml-security), the hash is validated in SignedElementTrait::validateReference, and the signature is verified in SignedElementTrait::verifyInternal (https://github.com/simplesamlphp/xml-security/blob/master/src/XML/SignedElementTrait.php): What stands …