CVE-2018-7711

EPSS 0.32% · P55 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-7711

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP functionality that interprets a -1 error code as a true boolean value.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

SimpleSAMLphp saml2库安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SimpleSAMLphp是一套实现了SAML 2.0服务提供者和标识提供者功能的PHP身份验证应用程序。SAML2 library是其中的一个安全声明标记语言库。 SimpleSAMLphp 1.15.4之前版本中的SAML2库的HTTPRedirect.php文件存在安全漏洞，该漏洞源于在签名验证实用程序中，程序没有正确的验证返回值。攻击者可利用该漏洞使设备接受无效签名，并将其视为有效。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-7711

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-7711

请登录查看更多情报信息。

Be strict when checking return values. · simplesamlphp/saml2@4f6af7f · GitHubx_refsource_CONFIRM
https://simplesamlphp.org/security/201803-01x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018/03/msg00017.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2018-7711

Same Patch Batch · n/a · 2018-03-05 · 31 CVEs total

CVE-2017-18215		xv 安全漏洞
CVE-2018-7717		Joomla! Kubik-Rubik Simple Image Gallery Extended扩展跨站脚本漏洞
CVE-2018-7716		PrivateVPN for macOS 权限许可和访问控制问题漏洞
CVE-2018-7715		PrivateVPN for macOS 权限许可和访问控制问题漏洞
CVE-2018-7714		OpenCV 安全漏洞
CVE-2018-7713		OpenCV 安全漏洞
CVE-2018-7712		OpenCV 安全漏洞
CVE-2017-18220		GraphicsMagick 安全漏洞
CVE-2017-18219		GraphicsMagick 安全漏洞
CVE-2018-7493		CactusVPN for macOS privileged helper工具权限许可和访问控制问题漏洞
CVE-2017-18218		Linux kernel 安全漏洞
CVE-2017-18217		InvoicePlane 跨站脚本漏洞
CVE-2018-7698		D-Link DCS-933L和DCS-934L 安全漏洞
CVE-2018-5255		Arista EOS Mlag agent 安全漏洞
CVE-2017-18216		Linux kernel 安全漏洞
CVE-2018-7663		Voten.co 安全漏洞
CVE-2017-17428		Cavium Nitrox SSL、Nitrox V SSL和TurboSSL software development kits 信息泄露漏洞
CVE-2017-16922		Wowza Streaming Engine 路径遍历漏洞
CVE-2018-5455		Moxa OnCell G3100-HSPA Series 安全漏洞
CVE-2018-5453		Moxa OnCell G3100-HSPA Series 安全漏洞

Showing top 20 of 31 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-7711

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-7711

I. Basic Information for CVE-2018-7711

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-7711

III. Intelligence Information for CVE-2018-7711

Same Patch Batch · n/a · 2018-03-05 · 31 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-7711

Leave a comment