CVE-2024-25718
The CVE-2024-25718 issue affects the Samly package for Elixir prior to 1.4.0. The vulnerability stems from Samly.State.Store.get_assertion/3 returning an expired session, and Samly.AuthHandler caching that session so it is not replaced after expiry, potentially bypassing access controls. Affected...