Description
The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/170356/crewjam-saml-Signature-Bypass.html
Patch, Third Party Advisory
https://github.com/crewjam/saml/commit/aee3fb1edeeaf1088fcb458727e0fd863d277f8b
Third Party Advisory
https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g
Scores
CVSS v3
9.1
EPSS
0.0029
EPSS Percentile
52.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-287
Status
published
Products (2)
crewjam/saml
0 - 0.4.9Go
saml_project/saml
< 0.4.9
Published
Nov 28, 2022
Tracked Since
Feb 18, 2026