Product
mendix saml
18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
| CVE | Affected version | Description | CVSS | Severity |
| --- | --- | --- | --- | --- |
| CVE-2025-64131 | < 4.583.585.v22ccc1139f55 | Jenkins SAML Plugin 4.583.vc68232f7018a_ and earlier does not implement a replay cache, allowing attackers able to obtain informat | 7.5 | HIGH |
| CVE-2023-45683 | < 0.4.14 | github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location | 7.1 | HIGH |
| CVE-2023-29129 | >= 1.16.4 and < 1.18.0 | A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3 < V1.18.0), Mendix SAML (Mendix | 9.1 | CRITICAL |
| CVE-2022-45597 | all versions | ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation. NOTE: the vendor does not consider this a vulnerability because the | 9.8 | CRITICAL |
| CVE-2023-28119 | all versions | The crewjam/saml go library contains a partial implementation of the SAML standard in golang. Prior to version 0.4.13, the package | 7.5 | HIGH |
| CVE-2023-25957 | >= 1.16.4 and < 1.17.2 | A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix | 9.1 | CRITICAL |
| CVE-2022-46823 | >= 2.3.0 and < 2.3.4 | A vulnerability has been identified in Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.4), Mendix SAML (Mendix 9 | 9.3 | CRITICAL |
| CVE-2022-41912 | < 0.4.9 | The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses contai | 9.1 | CRITICAL |
| CVE-2022-44457 | < 1.17.0 | A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML (Mendix 7 compatibl | 9.8 | CRITICAL |
| CVE-2022-37011 | < 1.17.0 | A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML (Mendix 8 compatibl | 9.8 | CRITICAL |
| CVE-2022-32286 | < 1.16.6 | A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mend | 6.1 | MEDIUM |
| CVE-2022-32285 | < 1.16.6 | A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mend | 7.5 | HIGH |
| CVE-2021-21678 | >= 1.1.3 and <= 2.0.7 | Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Je | 8.8 | HIGH |
| CVE-2021-36786 | < 1.4.3 | The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and p | 7.5 | HIGH |
| CVE-2021-36785 | < 1.4.3 | The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows XSS. | 5.4 | MEDIUM |
| CVE-2021-33712 | < 2.1.2 | A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The configuration of the SAML module does not p | 8.8 | HIGH |
| CVE-2020-27846 | < 0.4.3 | A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The hig | 9.8 | CRITICAL |
| CVE-2018-1000602 | <= 1.0.6 | A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorize | 5.9 | MEDIUM |
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin