GCVE - cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.1:*:*:*:*:*:*:*

part: a version: 2.1.1 update: *

Vendor	Shibboleth (`b8022daa-94b7-5177-897b-f4c767ed6d13`)
Product	Shibboleth Identity Provider (`e0377b20-1303-5d8e-baa7-5d83ae303575`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-1411`	vulnerable	2026-06-08 04:57:59.066033	Details available Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack." Published: 2011-09-02T23:00:00.000Z Updated: 2024-08-06T22:28:40.875Z Open on db.gcve.eu Reference links http://shibboleth.internet2.edu/secadv/secadv_20110725.txt http://www.debian.org/security/2011/dsa-2284 http://secunia.com/advisories/50994 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.