A signature verification vulnerability in crewjam/saml allows bypassing of SAML Authentication, posing high risks to confidentiality, integrity, and availability
Reporter | Title | Published | Views | Family All 32 |
---|---|---|---|---|
Fedora | [SECURITY] Fedora 33 Update: grafana-7.3.6-1.fc33 | 5 Jan 202101:26 | – | fedora |
Fedora | [SECURITY] Fedora 32 Update: grafana-7.3.6-1.fc32 | 5 Jan 202101:19 | – | fedora |
RedhatCVE | CVE-2020-27846 | 18 Dec 202000:03 | – | redhatcve |
RedhatCVE | CVE-2020-29510 | 17 Dec 202008:42 | – | redhatcve |
RedhatCVE | CVE-2020-29509 | 17 Dec 202001:26 | – | redhatcve |
RedhatCVE | CVE-2020-29511 | 17 Dec 202002:11 | – | redhatcve |
OpenVAS | Fedora: Security Advisory for grafana (FEDORA-2020-968067abfa) | 11 Jan 202100:00 | – | openvas |
OpenVAS | Fedora: Security Advisory for grafana (FEDORA-2020-64e54abd9f) | 11 Jan 202100:00 | – | openvas |
OSV | Signature validation bypass due to XML processing error in github.com/crewjam/saml | 14 Apr 202120:04 | – | osv |
OSV | CVE-2020-27846 | 21 Dec 202016:15 | – | osv |
[
{
"product": "crewjam/saml",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "grafana-7.3.6, grafana-7.2.3, grafana-6.7.5, github.com/crewjam/saml-0.4.3"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo