It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, is prone to a XXE vulnerability when loading an (untrusted) XML document.
https://security-tracker.debian.org/tracker/DSA-5822-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5822-1
Continue reading...