Lucene search

K
osvGoogleOSV:GHSA-J2JP-WVQG-WC2G
HistoryNov 29, 2022 - 11:55 p.m.

crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication

2022-11-2923:55:54
Google
osv.dev
16
crewjam/saml
authentication bypass
vulnerability
patch
version 0.4.9
felix wilhelm
google project zero
saml
multiple assertion elements

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

78.0%

Impact

The crewjam/saml go library is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements.

Patches

This issue has been corrected in version 0.4.9.

Credit

This issue was reported by Felix Wilhelm from Google Project Zero.

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

78.0%