Shibboleth Identity Provider
By the Year
In 2024 there have been 0 vulnerabilities in Shibboleth Identity Provider . Identity Provider did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 7.50 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Identity Provider vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Shibboleth Identity Provider Security Vulnerabilities
Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw
CVE-2020-27978
7.5 - High
- October 28, 2020
Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session.
Allocation of Resources Without Limits or Throttling
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Shibboleth Identity Provider or by Shibboleth? Click the Watch button to subscribe.
