ReportizFlow
Filtered by vendor Samlify Project
Subscriptions
Filtered by product Samlify
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47949 | 1 Samlify Project | 1 Samlify | 2025-09-19 | 7.5 High |
| samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider. Version 2.10.0 fixes the issue. | ||||
| CVE-2017-1000452 | 1 Samlify Project | 1 Samlify | 2024-11-21 | N/A |
| An XML Signature Wrapping vulnerability exists in Samlify 2.2.0 and earlier, and in predecessor Express-saml2 which could allow attackers to impersonate arbitrary users. | ||||
Page 1 of 1.