CPE
Multiple vulnerabilities have been discovered in Shibboleth Identity Provider and OpenSAML Java library that allow an attacker to cause a remote denial of service and security policy bypass, addressed in versions 5.2.2 and later.