GHSA-w3wf-cfx3-6gcx

Source
https://github.com/advisories/GHSA-w3wf-cfx3-6gcx
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-w3wf-cfx3-6gcx/GHSA-w3wf-cfx3-6gcx.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-w3wf-cfx3-6gcx
Published
2022-02-11T23:59:14Z
Modified
2023-11-01T04:52:45.429890Z
Summary
SAML authentication vulnerability due to stdlib XML parsing
Details

Impact

Due to issues in Go's standard library XML parsing, an attacker can mutate a valid SAML response in ways that change the document Fleet trusts after parsing. This can allow unverified logins from a SAML IdP.

Users who configure Fleet with SSO login may be vulnerable to this issue.

Patches

This issue is patched in Fleet 3.5.1 using the https://github.com/mattermost/xml-roundtrip-validator library.

Workarounds

If upgrading to 3.5.1 is not possible, users should disable SSO authentication in Fleet.

References

See https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/ for more information about the underlying vulnerabilities.

For more information

If you have any questions or comments about this advisory:
* Email us at security@fleetdm.com
* Join #fleet in osquery Slack

Database specific
{
    "nvd_published_at": "2020-12-17T20:15:00Z",
    "cwe_ids": [
        "CWE-290"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-21T20:46:21Z"
}
Affected packages

Go / github.com/fleetdm/fleet/v4

Package

Name
github.com/fleetdm/fleet/v4
Purl
pkg:golang/github.com/fleetdm/fleet/v4

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
3.5.1