CVE-2018-7644 (High) detected in ILIAS-v5.3.6

[mend-bolt-for-github[bot]]

CVE-2018-7644 - High Severity Vulnerability

Vulnerable Library - ILIASv5.3.6

GitHub repository for official ILIAS release branches and development branches (trunk)

Library home page: https://github.com/ILIAS-eLearning/ILIAS.git

Found in HEAD commit: b7d04ef1df8d386961f67bf1a9305d4fff86a987

Library Source Files (511)

* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.

- /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utilities.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/module.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/AttributeAlter.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Logger/LoggingHandlerInterface.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/config-templates/config.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/discopower/www/js/suggest.js - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/loginuserpass.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/frontpage_federation.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authYubiKey/templates/yubikeylogin.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/AttributeConsumingService.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/www/getUserInfo.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/frontpage_welcome.tpl.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/StatusResponse.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/saml/Attribute.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consentAdmin/www/consentAdmin.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/lib/OAuthStore.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/discopower/www/js/jquery.livesearch.js - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authcrypt/lib/Auth/Source/Htpasswd.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/ExpectedAuthnContextClassRef.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/adfs/www/idp/prp.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/selectidp-dropdown.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XML/Shib13/AuthnResponse.php - /developer-portal/application/vendor/gettext/gettext/src/Utils/ParsedFunction.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/lib/Registry.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/ecp/Response.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authX509/lib/Auth/Process/ExpiryWarning.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Signature/ValidatorChain.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/ContactPerson.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/config-templates/authsources.php - /developer-portal/application/vendor/gettext/gettext/src/Generators/JsonDictionary.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authtwitter/lib/Auth/Source/Twitter.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Logger/ErrorLogLoggingHandler.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Certificate/KeyLoader.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/Po.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XHTML/EMail.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/config-template/module_oauth.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/_autoload.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/includes/attributes.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authfacebook/lib/Facebook.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Certificate/PrivateKeyLoader.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Utilities/ArrayCollection.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/metarefresh/config-templates/config-metarefresh.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Auth/Source.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/LogParser.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/LanguageAdaptor.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Signature/AbstractChainedValidator.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Certificate/FingerprintLoader.php - /developer-portal/application/vendor/gettext/gettext/src/Generators/Mo.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/discopower/lib/PowerIdPDisco.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/saml/SubjectConfirmationData.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/saml/BaseIDType.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/SpIsValidAudience.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/alg/SigningMethod.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/SignedElementHelper.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/bin/importPdoMetadata.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Compat/MockContainer.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/_include.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Module.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/CannotSetCookie.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Config.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/bin/pwgen.php - /developer-portal/application/vendor/gettext/gettext/src/Utils/JsFunctionsScanner.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consentAdmin/www/includes/consentSimpleAjax.js - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Auth/LDAP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/IdP/SQLNameID.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/name2claim.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/EncryptedAssertion.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/shibmd/Scope.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandlerSerialize.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/_autoload_modules.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/TransientNameID.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Transformer/TransformerChain.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/bin/demo.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/EndpointType.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authX509/templates/X509warning.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Certificate/FingerprintCollection.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/lib/Auth/Process/RedirectTest.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Signature/PublicKeyValidator.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/shib13/idp/SSOService.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/shib13/idp/metadata.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/AdditionalMetadataLocation.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/Sources/MDQ.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/PHP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/portal/lib/Portal.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/lib/Auth/Source/UserPass.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/IdP/LogoutHandlerInterface.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Attributes.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/adfs/lib/IdP/ADFS.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/ExtractorInterface.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/hooks/hook_frontpage.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/PersistentNameID2TargetedID.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/saml2/idp/ArtifactResolutionService.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/mdrpi/RegistrationInfo.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Configuration/Destination.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/GenerateGroups.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XML/Signer.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/www/sp/saml2-logout.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/SubjectConfirmationValidator.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/post.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/expirycheck/templates/about2expire.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/Statistics/Rulesets/BaseRule.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/ACL.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Auth/Simple.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/ds/KeyInfo.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consentAdmin/templates/consentadmin.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/mdui/Logo.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/casserver/www/proxy.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/ArtifactResolve.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/frontpage_federation.tpl.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Certificate/PrivateKey.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Store/Memcache.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Stats/Output/File.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Random.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/Blade.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/SPSSODescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandlerXML.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/metarefresh/lib/ARP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/hooks/hook_frontpage.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/AttributeMap.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/facebook2name.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Compat/Ssp/Logger.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/AttributeAdd.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Error/NoAvailableIDP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/negotiate/lib/Auth/Source/Negotiate.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/idp/logout-iframe-done.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/UnknownRoleDescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/newSchacNS.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Auth/Default.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/UserPassOrgBase.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/NotBefore.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cron/www/croninfo.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/memcacheMonitor/hooks/hook_sanitycheck.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authlinkedin/lib/Auth/Source/LinkedIn.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/negotiate/www/retry.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/multiauth/templates/selectsource.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/lib/Consent/Store/Cookie.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/Signer.php - /developer-portal/application/vendor/gettext/gettext/src/Translation.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Configuration/SimpleSAMLConverter.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Certificate/X509.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/show_metadata.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/authenticate.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/www/showstats.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/ldap/lib/Auth/Source/LDAPMulti.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/preprodwarning/lib/Auth/Process/Warning.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Processor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/admin/metadata-converter.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/PhpCode.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/IdP/SAML2.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/SessionNotOnOrAfter.php - /developer-portal/application/vendor/gettext/gettext/src/Translator.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Error/ProxyCountExceeded.php - /developer-portal/application/vendor/gettext/gettext/src/Generators/CsvDictionary.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/errorreport.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/sanitycheck/hooks/hook_cron.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/UnserializableException.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/ldap/lib/Auth/Process/AttributeAddFromLDAP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/Statistics/Rulesets/Ratio.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XHTML/Template.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/selectidp-links.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XML/Errors.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/lib/Consumer.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandlerFlatFile.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/mdui/UIInfo.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authYubiKey/libextinc/Yubico.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/Extensions.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/KeyDescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/no_cookie.tpl.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/StatisticsWithAttribute.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/AttributeValueMap.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Database.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/ldap/lib/Auth/Process/BaseFilter.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/login.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Store/SQL.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Logger.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/PDPDescriptor.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Utilities/File.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Error/NoSupportedIDP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/preprodwarning/templates/warning.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandlerPdo.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/ds/KeyName.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/frontpage_auth.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XHTML/IdPDisco.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authX509/www/expirywarning.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/config-templates/acl.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/AuthMemCookie.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authYubiKey/lib/Auth/Process/OTP2YubiPrefix.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/AccessCheck.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/TargetedID.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consentAdmin/config-templates/module_consentAdmin.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/saml2/idp/metadata.php - /developer-portal/application/vendor/whitehat101/apr1-md5/src/APR1_MD5.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/error.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/SessionHandler.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/RoleDescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cron/templates/croninfo-result.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/attributequery.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Auth.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Certificate/Key.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/SAMLParser.php - /developer-portal/application/vendor/gettext/gettext/src/Utils/FunctionsScanner.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/riak/hooks/hook_cron.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/addurnprefix.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/mdui/DiscoHints.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Store/Redis.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/linkedin2name.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/idp/logout-iframe.js - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/templates/consentform.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/SubjectConfirmationRecipientMatches.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/preprodwarning/www/showwarning.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Utilities/Collection.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/casserver/www/cas.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/DateHandler.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/logout-iframe-wrapper.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/radius/lib/Auth/Source/Radius.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/removeurnprefix.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/HTTPArtifact.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/lib/Consent/Store/Database.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/config-templates/authmemcookie.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/loginuserpass.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/www/sp/saml2-acs.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/negotiate/www/disable.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/metarefresh/hooks/hook_cron.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/ConfigurationError.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/IndexedEndpointType.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/saml2/idp/SSOService.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/AssertionValidator.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/samlp/Extensions.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/BaseNameIDGenerator.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/Graph/GoogleCharts.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/www/idp/certs.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Logger/FileLoggingHandler.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/SubjectQuery.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/portal/hooks/hook_htmlinject.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/discopower/config-templates/module_discopower.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/expirycheck/lib/Auth/Process/ExpiryDate.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/exampleattributeserver/www/attributeserver.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Locale/Localization.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/www/sp/discoresp.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Arrays.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/admin/sandbox.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/System.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Constants.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XHTML/TemplateControllerInterface.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Stats/Output/Log.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/AttributeRealm.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/expirycheck/www/about2expire.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/as_login.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/casserver/www/tickets.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/adfs/lib/SAML2/XML/fed/SecurityTokenServiceType.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/www/sp/saml1-acs.php - /developer-portal/application/vendor/gettext/gettext/src/Translations.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/name2oid.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/SOAP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/metarefresh/lib/MetaLoader.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/DOMDocumentFactory.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/ScopeAttribute.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Source/AdminPassword.php - /developer-portal/application/vendor/gettext/gettext/src/Utils/PhpFunctionsScanner.php - /developer-portal/application/vendor/gettext/gettext/src/Generators/PhpArray.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/mdui/Keywords.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/www/proxy/invalid_session.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/status.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Memcache.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/multiauth/lib/Auth/Source/MultiAuth.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/www/registry.edit.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authwindowslive/lib/Auth/Source/LiveID.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/lib/Auth/Process/Consent.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Stats.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Signature/FingerprintValidator.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/bin/logcleaner.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/metadata-templates/saml20-idp-hosted.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Transformer/NameIdDecryptionTransformer.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/SubjectConfirmationNotBefore.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Decrypter.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/DateHandlerMonth.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/ArtifactResponse.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/AuthnRequest.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/frontpage_auth.tpl.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/bin/initMDSPdo.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Certificate/Fingerprint.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Configuration/IdentityProvider.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/alg/DigestMethod.php - /developer-portal/application/vendor/gettext/gettext/src/translator_functions.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/templates/proxy/invalid_session.php - /developer-portal/application/vendor/jaimeperez/twig-configurable-i18n/src/Twig/Extensions/TokenParser/Trans.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authwindowslive/www/linkback.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Message.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/oid2urn.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/AttributeQuery.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/lib/Auth/Source/External.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/Extractor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/bin/memcacheSync.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/AttributeCopy.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Storage/SQLPermanentStorage.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/www/getconsent.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Utils.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cron/www/cron.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/SubjectConfirmationNotOnOrAfter.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/metadata-templates/saml20-sp-remote.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/HTTPPost.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Response/Processor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Error.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/SessionHandlerCookie.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/AuthnContextClassRef.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/AttributeNameID.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/IdP/TraditionalLogoutHandler.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/frontpage_welcome.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Signature/Validator.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authorize/templates/authorize_403.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/SAMLBuilder.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/smartattributes/lib/Auth/Process/SmartID.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/StatDataset.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Compat/ContainerSingleton.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/templates/registry.edit.tpl.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/LogoutRequest.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/Organization.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/Twig.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/www/registry.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/riak/lib/Store/Store.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/openid2name.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageSource.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/libextinc/OAuth.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/Exception.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/SignedElement.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/PhpArray.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/lib/Auth/Source/Static.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/www/statmeta.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/BadRequest.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/SSODescriptorType.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/sanitycheck/templates/check.tpl.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Configuration/ServiceProvider.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/windowslive2name.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Error/NoAuthnContext.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/adfs/www/idp/metadata.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/CsvDictionary.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Auth/TimeLimitedToken.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Crypto.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authtwitter/www/linkback.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Auth/ProcessingFilter.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Response/Validation/ConstraintValidator/IsSuccessful.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/adfs/lib/XMLSecurityDSig.php - /developer-portal/application/vendor/jaimeperez/twig-configurable-i18n/src/Twig/Environment.php - /developer-portal/application/vendor/jaimeperez/twig-configurable-i18n/src/Twig/Extensions/Node/Trans.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/templates/noconsent.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/IdP/SAML1.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/hooks/hook_sanitycheck.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/PersistentNameID.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Locale/Language.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/YamlDictionary.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authmyspace/lib/Auth/Source/MySpace.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/Mo.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/idp/logout-iframe.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/dictionaries/consent.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/SP/LogoutStore.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authorize/www/authorize_403.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Message.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/adfs/lib/SAML2/XML/fed/TokenTypesOffered.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Net.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authorize/lib/Auth/Process/Authorize.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/NotOnOrAfter.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Locale/Translate.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Configuration/CertificateProvider.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/www/noconsent.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/ScopeFromAttribute.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/metarefresh/bin/metarefresh.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/postredirect.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/mdrpi/PublicationInfo.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Response.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Bindings/Shib13/Artifact.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/consent/lib/Store.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/AuthnAuthorityDescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/casserver/www/serviceValidate.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Binding.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/FilterScopes.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/_autoload.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/ldap/lib/ConfigHelper.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cron/bin/cron.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/hooks/hook_cron.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/login-ldapmulti.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authfacebook/www/linkback.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cron/templates/croninfo.tpl.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cdc/www/resume.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/logout-iframe.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/admin/index.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cdc/lib/Auth/Process/CDC.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/saml2/idp/initSLO.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/ldap/lib/Auth/Source/LDAP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/AuthSource.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/multiauth/www/selectsource.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XML/Parser.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/urn2name.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/HTTP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/Error.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/admin/hostnames.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/negotiate/www/enable.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/expirycheck/templates/expired.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cas/lib/Auth/Source/CAS.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/www/sp/metadata.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/short_sso_interval.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authYubiKey/lib/Auth/Source/YubiKey.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/ErrorCodes.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/bin/loganalyzer.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Transformer/DecodeBase64Transformer.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/frontpage_config.tpl.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/metadata-converter.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/Aggregator.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/Jed.php - /developer-portal/application/vendor/gettext/gettext/src/Generators/YamlDictionary.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/saml2/idp/SingleLogoutService.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/short_sso_interval.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Compat/AbstractContainer.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/name2urn.php - /developer-portal/application/vendor/gettext/gettext/src/Generators/Po.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XML/Shib13/AuthnRequest.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/Chunk.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/memcacheMonitor/www/memcachestat.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/saml/SubjectConfirmation.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/templates/statmeta.tpl.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/AttributeAuthorityDescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authX509/templates/X509error.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/sqlauth/lib/Auth/Source/SQL.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/ExtendIdPSession.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/discopower/templates/disco.tpl.php - /developer-portal/application/vendor/jaimeperez/twig-configurable-i18n/src/Twig/Extensions/Extension/I18n.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Compat/Ssp/Container.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/metadata.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/Statistics/FieldPresentation/Entity.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/AffiliationDescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authYubiKey/www/yubikeylogin.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/expirycheck/www/expired.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/adfs/lib/SAML2/XML/fed/Endpoint.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/SubjectConfirmationResponseToMatches.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/SessionHandlerPHP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cdc/lib/Client.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/templates/statistics.tpl.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Error/NoPassive.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Session.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/www/authpage.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/includes/header-embed.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/SQLPersistentNameID.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Config/Metadata.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/mdattr/EntityAttributes.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cron/lib/Cron.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/saml/lib/Auth/Process/NameIDAttribute.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/Validation/ConstraintValidator/SubjectConfirmationMethod.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/IdP/IFrameLogoutHandler.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/Assertion.php - /developer-portal/application/vendor/gettext/gettext/src/Extractors/JsCode.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/deprecatedSchacNS.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/cleardiscochoices.php - /developer-portal/application/vendor/gettext/gettext/src/TranslatorInterface.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/UserPassBase.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/LogCleaner.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Utilities/Certificate.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/hooks/hook_sanitycheck.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/frontpage_config.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/XML/Validator.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/CriticalConfigurationError.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/EntitiesDescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cdc/lib/Server.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/IdP.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authfacebook/lib/Auth/Source/Facebook.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/IDPSSODescriptor.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/saml/AttributeValue.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Assertion/ProcessorBuilder.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authlinkedin/www/linkback.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Auth/ProcessingChain.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Time.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/www/authmemcookie.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/memcacheMonitor/templates/memcachestat.tpl.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/oid2name.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/AttributeLimit.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/hooks/hook_cron.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authcrypt/lib/Auth/Source/Hash.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/ds/X509Data.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Store.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/ds/X509Certificate.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Response/Validation/ConstraintValidator/DestinationMatches.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/Configuration/PrivateKey.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/loginuserpassorg.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/HTTPRedirect.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/saml/NameIDType.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Logger/SyslogLoggingHandler.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/SOAPClient.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/attributemap/urn2oid.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authX509/lib/Auth/Source/X509userCert.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/templates/show_metadata.tpl.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/smartattributes/lib/Auth/Process/SmartName.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/SessionHandlerStore.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Auth/State.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/metarefresh/www/fetch.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/oauth/templates/registry.list.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/Ruleset.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authmyspace/www/linkback.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/templates/includes/header.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Error/NotFound.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/lib/Auth/Process/WarnShortSSOInterval.php - /developer-portal/application/vendor/gettext/gettext/src/Generators/Jed.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/config-templates/module_statistics.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/core/www/idp/logout-iframe-post.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/authfacebook/extlibinc/base_facebook.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/RequestedAttribute.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/XML.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/casserver/www/login.php - /developer-portal/application/vendor/simplesamlphp/saml2/src/SAML2/XML/md/EntityDescriptor.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/statistics/lib/RatioDataset.php - /developer-portal/application/vendor/simplesamlphp/simplesamlphp/modules/cas/www/linkback.php

Vulnerability Details

The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp before 1.15.3 incorrectly verifies signatures on SAML assertions, allowing a remote attacker to construct a crafted SAML assertion on behalf of an Identity Provider that would pass as cryptographically valid, thereby allowing them to impersonate a user from that Identity Provider, aka a key confusion issue.

Publish Date: 2018-03-05

URL: CVE-2018-7644

CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-7644

Release Date: 2018-03-05

Fix Resolution: 1.15.3

---

Step up your Open Source Security Game with WhiteSource here

[forevermatt]

Not applicable: We are already using a newer version of SimpleSAMLphp than 1.15.3.