Lucene search
SnykCVELIST:CVE-2020-7731HistoryApr 30, 2021 - 12:00 a.m.
CVE-2020-7731 Denial of Service (DoS)
2021-04-3000:00:00
snyk
www.cve.org
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P
0.001 Low
EPSS
Percentile
51.0%
This affects all versions <0.7.0 of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
CNA Affected
[
{
"vendor": "n/a",
"product": "github.com/russellhaering/gosaml2",
"versions": [
{
"version": "0",
"status": "affected",
"lessThan": "unspecified",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
Denial Of Service (DoS)
2020-11-06 06:29:59
github
github
github.com/russellhaering/gosaml2 is vulnerable to NULL Pointer Dereference
2022-11-15 19:05:07
cve
cve
CVE-2020-7731
2021-04-30 16:15:07
prion
prion
Null pointer dereference
2021-04-30 16:15:00
nvd
nvd
CVE-2020-7731
2021-04-30 16:15:07
osv
osv
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P
0.001 Low
EPSS
Percentile
51.0%
Related for CVELIST:CVE-2020-7731