CVE-2025-31335

EUVD-2025-14769
The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Debian logo
Debian Releases
Debian Product
Codename
opensaml
bookworm
3.2.1-3+deb12u1
fixed
bookworm (security)
3.2.1-3+deb12u1
fixed
bullseye
vulnerable
bullseye (security)
3.2.0-2+deb11u1
fixed
forky
3.3.1-4
fixed
sid
3.3.1-4
fixed
trixie
3.3.1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
opensaml
focal
Fixed 3.0.1-1ubuntu0.1
released
jammy
Fixed 3.2.1-1ubuntu0.1
released
noble
Fixed 3.2.1-4.1ubuntu0.24.04.1
released
oracular
Fixed 3.2.1-4.1ubuntu0.24.10.1
released
plucky
Fixed 3.3.0-2ubuntu1
released
opensaml2
bionic
Fixed 2.6.1-1ubuntu0.1~esm1
released
trusty
ignored
xenial
Fixed 2.5.5-1ubuntu0.1+esm1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libsaml-devel
suse enterprise sap 15 SP6
3.1.0-150300.3.3.1
fixed
suse enterprise sap 15 SP7
3.1.0-150300.3.3.1
fixed
suse enterprise server 15 SP4
3.1.0-150300.3.3.1
fixed
suse enterprise server 15 SP6
3.1.0-150300.3.3.1
fixed
suse enterprise server 15 SP7
3.1.0-150300.3.3.1
fixed
libsaml11
suse enterprise sap 15 SP6
3.1.0-150300.3.3.1
fixed
suse enterprise sap 15 SP7
3.1.0-150300.3.3.1
fixed
suse enterprise server 15 SP4
3.1.0-150300.3.3.1
fixed
suse enterprise server 15 SP6
3.1.0-150300.3.3.1
fixed
suse enterprise server 15 SP7
3.1.0-150300.3.3.1
fixed
libsaml8
suse enterprise server 12 SP3
2.5.5-3.6.1
fixed
opensaml-bin
suse enterprise server 12 SP3
2.5.5-3.6.1
fixed
opensaml-schemas
suse enterprise sap 15 SP6
3.1.0-150300.3.3.1
fixed
suse enterprise sap 15 SP7
3.1.0-150300.3.3.1
fixed
suse enterprise server 12 SP3
2.5.5-3.6.1
fixed
suse enterprise server 15 SP4
3.1.0-150300.3.3.1
fixed
suse enterprise server 15 SP6
3.1.0-150300.3.3.1
fixed
suse enterprise server 15 SP7
3.1.0-150300.3.3.1
fixed
Common Weakness Enumeration
References
https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=22a610b322e2178abd03e97cdbc8fb50b45efaee
https://lists.debian.org/debian-security-announce/2025/msg00041.html
https://shibboleth.atlassian.net/browse/CPPOST-126
https://shibboleth.net/community/advisories/secadv_20250313.txt