github.com/crewjam/saml is vulnerable to authentication bypass. The vulnerability exists in multiple functions of service_provider.go
when processing SAML responses containing multiple assertion elements which allows an attacker to bypass the signature.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/crewjam/saml | le | v0.4.8 | |
github.com/crewjam/saml | le | v0.4.8 |