Signature Validation Bypass
Critical severity · GitHub Reviewed
Published Sep 29, 2020 in russellhaering/gosaml2 · Updated Jan 9, 2023
Reviewed: May 21, 2021
Published to the GitHub Advisory Database: May 24, 2021
Last updated: Jan 9, 2023
Description
Impact
Given a valid SAML Response, an attacker can potentially modify the document, bypassing signature validation in order to pass off the altered document as a signed one.
This enables a variety of attacks, including users accessing accounts other than the one to which they authenticated in the identity provider, or full authentication bypass if an external attacker can obtain an expired, signed SAML Response.
Patches
A patch is available; users of gosaml2 should upgrade to v0.5.0 or higher.
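As an added example that is not part of the advisory or of the gosaml2 project, the following POSIX shell functions flag go.mod files that require gosaml2 below the fixed release; the module path and the fixed version v0.5.0 come from the advisory, while the file names in the usage line are placeholders.

```shell
#!/bin/sh
# Added example: report go.mod files whose gosaml2 requirement predates the fix.
MODULE="github.com/russellhaering/gosaml2"
FIXED_VERSION="v0.5.0"   # first release containing the signature validation fix

# semver_lt A B: succeed when A < B. Compares MAJOR.MINOR.PATCH numerically and
# ignores a pre-release/pseudo-version suffix (v0.4.0-0.2020... is treated as 0.4.0).
semver_lt() {
    a=$(printf '%s' "$1" | sed 's/^v//; s/[-+].*//')
    b=$(printf '%s' "$2" | sed 's/^v//; s/[-+].*//')
    [ "$a" = "$b" ] && return 1
    first=$(printf '%s\n%s\n' "$a" "$b" | sort -t. -k1,1n -k2,2n -k3,3n | head -n1)
    [ "$first" = "$a" ]
}

# gosaml2_version GOMOD: print the version required for gosaml2 in a go.mod file,
# handling both "require module vX" and the multi-line "require ( ... )" block form.
gosaml2_version() {
    awk -v mod="$MODULE" '
        $1 == mod { print $2; exit }
        $1 == "require" && $2 == mod { print $3; exit }
    ' "$1"
}

# check_gomod GOMOD: return 0 when gosaml2 is absent or at/above the fixed version,
# 1 when the required version is still vulnerable.
check_gomod() {
    ver=$(gosaml2_version "$1")
    if [ -z "$ver" ]; then
        echo "$1: $MODULE not required"
        return 0
    fi
    if semver_lt "$ver" "$FIXED_VERSION"; then
        echo "$1: VULNERABLE $MODULE $ver (< $FIXED_VERSION)"
        return 1
    fi
    echo "$1: ok $MODULE $ver"
    return 0
}

# Usage: sh check_gosaml2.sh path/to/go.mod [another/go.mod ...]
status=0
for gomod in "$@"; do
    check_gomod "$gomod" || status=1
done
```

govulncheck performs the same kind of dependency check for Go projects against the Go vulnerability database, which also tracks this advisory.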
References
See the underlying advisory on goxmldsig for more details.