CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
mitreCNA
4 MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Debian logo
Debian Releases
Debian Product
Codename
opensaml
bullseye
vulnerable
bullseye (security)
3.2.0-2+deb11u1
fixed
bookworm
3.2.1-3+deb12u1
fixed
bookworm (security)
3.2.1-3+deb12u1
fixed
sid
3.3.1-2
fixed
trixie
3.3.1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
opensaml
plucky
Fixed 3.3.0-2ubuntu1
released
oracular
Fixed 3.2.1-4.1ubuntu0.24.10.1
released
noble
Fixed 3.2.1-4.1ubuntu0.24.04.1
released
jammy
Fixed 3.2.1-1ubuntu0.1
released
focal
Fixed 3.0.1-1ubuntu0.1
released
opensaml2
bionic
Fixed 2.6.1-1ubuntu0.1~esm1
released
xenial
Fixed 2.5.5-1ubuntu0.1+esm1
released
trusty
ignored
Common Weakness Enumeration
References
https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=22a610b322e2178abd03e97cdbc8fb50b45efaee
https://lists.debian.org/debian-security-announce/2025/msg00041.html
https://shibboleth.atlassian.net/browse/CPPOST-126
https://shibboleth.net/community/advisories/secadv_20250313.txt