github.com/russellhaering/gosaml2 is vulnerable to Denial Of Service (DoS). The vulnerability exists because the library does not limit the maximum compression ratio achievable with deflate
, possibly allowing an attacker to cause the process to crash by sending maliciously crafted deflate-compress requests.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/russellhaering/gosaml2 | le | v0.8.1 | |
github.com/russellhaering/gosaml2 | le | v0.8.1 |