GitHub Advisory DatabaseGHSA-PRJQ-F4Q3-FVFRgithub.com/russellhaering/gosaml2 is vulnerable to NULL Pointer Dereference
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
51.0%
Impact
In versions prior to v0.7.0 it was possible for an attacker to supply an invalid assertion which would trigger a panic due to a nil-pointer dereference.
Patches
The issue was patched in v0.7.0, released on March 2, 2022.
Workarounds
Callers to gosaml2 can use recover() to handle panics to mitigate a potential DoS.
References
See issue #59 for details.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/russellhaering/goxmldsig | lt | 1.1.1 | |
| github.com/russellhaering/gosaml2 | lt | 0.7.0 |
References
github.com/advisories/GHSA-prjq-f4q3-fvfr
github.com/russellhaering/gosaml2/commit/66e3b7affd622b8b24ea1e18845f045e46b23424
github.com/russellhaering/gosaml2/issues/59
github.com/russellhaering/gosaml2/pull/90
github.com/russellhaering/gosaml2/releases/tag/v0.7.0
github.com/russellhaering/gosaml2/security/advisories/GHSA-prjq-f4q3-fvfr
github.com/russellhaering/goxmldsig/issues/48
snyk.io/vuln/SNYK-GOLANG-GITHUBCOMRUSSELLHAERINGGOSAML2-608302
Related
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
51.0%