GHSA-5684-g483-2249

Source
https://github.com/advisories/GHSA-5684-g483-2249
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-5684-g483-2249/GHSA-5684-g483-2249.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-5684-g483-2249
Published
2021-05-24T16:59:47Z
Modified
2021-10-05T17:07:09Z
Summary
Signature Validation Bypass
Details

Impact

Given a valid SAML Response, an attacker can potentially modify the document, bypassing signature validation in order to pass off the altered document as a signed one.

This enables a variety of attacks, including users accessing accounts other than the one to which they authenticated in the identity provider, or full authentication bypass if an external attacker can obtain an expired, signed SAML Response.

Patches

A patch is available; users of gosaml2 should upgrade to v0.5.0 or higher.

References

See the underlying advisory on goxmldsig for more details.

Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-347"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-21T22:17:56Z"
}
References

Affected packages

Go / github.com/russellhaering/gosaml2

Package

Name
github.com/russellhaering/gosaml2
Purl
pkg:golang/github.com/russellhaering/gosaml2

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
0.5.0