GHSA-5cjr-mxj5-wmrxHighCVSS 7.5

SimpleSAMLphp has Possible DoS via XPath Transform

Published
July 2, 2026
Last Modified
July 2, 2026

🔗 CVE IDs covered (1)

📋 Description

Summary

This library turned out to be vulnerable to Denial-of-Service attacks using XPath transforms. A mitigation has been put in place to restrict the number of transforms and to restrict transforms to only the transform-algorithms mentioned in the SAML 2.0 Core Specifications (and specifically refuse XPath transforms).

Impact

An attacker is able to send specially crafted messages to any entity relying on SimpleSAMLphp (or directly on this SAML2-library) to be able to perform a Denial-of-Service attack.

🎯 Affected products2

  • composer/simplesamlphp/saml2:<= 4.20.2
  • composer/simplesamlphp/saml2-legacy:<= 4.20.2

🔗 References (2)