Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:37566
HistoryOct 14, 2022 - 1:06 p.m.

Improper Verification Of Cryptographic Signature

2022-10-1413:06:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
node-saml
cryptographic signature
saml authentication
xml element
improper checks

EPSS

0.003

Percentile

71.4%

JSON

Node-saml is vulnerable to improper cryptographic signature verification. A remote attacker is able to bypass SAML authentication via an arbitrary IDP signed XML element, due to improper checks for a valid top-level signature in saml.ts .

Related

osv 2
github 1
cve 1
prion 1
cvelist 1
nvd 1
osv
osv
Signature bypass via multiple root elements
2022-10-12 22:05:44
CVE-2022-39300
2022-10-13 22:15:10
github
github
Signature bypass via multiple root elements
2022-10-12 22:05:44
cve
cve
CVE-2022-39300
2022-10-13 22:15:10
prion
prion
Authentication flaw
2022-10-13 22:15:00
cvelist
cvelist
CVE-2022-39300 Signature bypass via multiple root elements in node-SAML
2022-10-13 00:00:00
nvd
nvd
CVE-2022-39300
2022-10-13 22:15:10

EPSS

0.003

Percentile

71.4%

JSON
Related for VERACODE:37566
osv2github1cve1prion1cvelist1nvd1