Lucene search
PRIOn knowledge basePRION:CVE-2023-26267HistoryFeb 21, 2023 - 9:15 a.m.
Xxe
2023-02-2109:15:00
PRIOn knowledge base
www.prio-n.com
5
php-saml-sp 1.1.1 2.x 2.1.1 xml external entities webserver user resolving arbitrary files nvd
php-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver user because resolving XML external entities was silently enabled via \LIBXML_DTDLOAD | \LIBXML_DTDATTR.
| CPE | Name | Operator | Version |
|---|---|---|---|
| php-saml-sp | lt | 1.1.1 | |
| php-saml-sp | ge | 2.0.0 | |
| php-saml-sp | lt | 2.1.1 |
Related
nvd
nvd
CVE-2023-26267
2023-02-21 09:15:13
cve
cve
CVE-2023-26267
2023-02-21 09:15:13
cvelist
cvelist
CVE-2023-26267
2023-02-21 00:00:00