Shibboleth Opensaml
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Shibboleth Opensaml.
By the Year
In 2026 there have been 0 vulnerabilities in Shibboleth Opensaml.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
It may take a day or so for new Opensaml vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Shibboleth Opensaml Security Vulnerabilities
The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which
CVE-2013-6440
- February 14, 2014
The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML DOCTYPE declaration.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Shibboleth Opensaml or by Shibboleth? Click the Watch button to subscribe.
