...
Service Provider Vulnerability Matrix
The oldest SP version unaffected by fixable vulnerabilities (excepting the advisory from 2016-05-04) isĀ V2.6.1 in conjunction with OpenSAML 2.5.5, Xerces 3.1.4, and OpenSSL 1.0.2h.
Version | EOL | User Data Exposure | Resource Exposure | Session Hijacking | Denial of Service | Remote Exploit | Advisories |
---|---|---|---|---|---|---|---|
All | X | X | X | 2018-02-27, 2018-01-23, 2018-01-12, 2016-06-29, 2016-05-04, 2014-06-08, 2014-04-09, 2013-12-02, 2011-10-24 | |||
2.6.1 | X | X | X | ||||
2.6.0 | Nov 2017 | X | X | X | 2017-11-15 | ||
2.5.6 | Jun 2016 | X | X | X | |||
2.5.5 | Feb 2016 | X | X | X | |||
2.5.4 | Jul 2015 | X | X | X | X | 2015-07-21 | |
2.5.3 | Mar 2015 | X | X | X | X | 2015-03-19 | |
2.5.2 | Dec 2013 | X | X | X | X | ||
2.5.0 - 2.5.1 | June 2013 | X | X | X | 2013-06-18, 2013-01-10 | ||
2.4.3 | Nov 2012 | X | X | X | X | 2012-04-19 | |
2.4.0 - 2.4.2 | Jul 2011 | X | X | X | X | 2011-07-25, 2011-07-06 | |
2.3.0 - 2.3.1 | Dec 2010 | X | X | X | X | ||
2.2.1 | Nov 2009 | X | X | X | X | X | 2009-11-04, 2009-08-26 |
2.2.0 | Aug 2009 | X | X | X | X | X | 2009-08-17 |
2.0.0 - 2.1.0 | Jun 2009 | X | X | X | X | X | 2009-06-15 |
...