Create 202412-01.md

CVE-2024-52596
simplesamlphp · Dec 2, 2024 · 1440a1e · 1440a1e
1 parent 099b826
commit 1440a1e
Showing 1 changed file with 40 additions and 0 deletions.
diff --git a/security/202412-01.md b/security/202412-01.md
@@ -0,0 +1,40 @@
+---
+layout: default
+title: "SSPSA 202412-01: XXE in parsing SAML messages"
+---
+
+<aside><div class="sidebar-warning right">
+<h2>Date</h2>
+2 December 2024
+<h2>Affected versions</h2>
+
+<code>SimpleSAMLphp 2.3.0 - 2.3.4</code><br/>
+<code>SimpleSAMLphp 2.2.0 - 2.2.4</code><br/>
+<code>SimpleSAMLphp 2.1.0 - 2.1.7</code><br/>
+<code>SimpleSAMLphp 2.0.0 - 2.0.14</code><br/>
+
+<code>Any older version</code><br/>
+<h2>Severity</h2>
+High - CVE 8.3
+</div></aside>
+
+# 202412-01
+
+**XXE in parsing SAML messages**
+
+### Description
+
+When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE.
+
+### Mitigation:
+
+Remove the `LIBXML_DTDLOAD | LIBXML_DTDATTR` options from `$options` is in: https://github.com/simplesamlphp/saml2/blob/717c0adc4877ebd58428637e5626345e59fa0109/src/SAML2/DOMDocumentFactory.php#L41
+
+### Background / details
+
+To be published on Dec 8th
+
+### Credit
+
+This vulnerability was discovered and reported by ahacker1-securesaml on November 18, 2024.
+It is registered under CVE-2024-52596.