| module = "github.com/crewjam/saml" |
| |
| description = """ |
| An XML message can be maliciously crafted such that signature |
| verification is bypassed. |
| """ |
| |
| cve = "CVE-2020-27846" |
| |
| credit = "" |
| |
| symbols = [ |
| "IdpAuthnRequest.Validate", |
| "ServiceProvider.ParseXMLResponse", |
| "ServiceProvider.ValidateLogoutResponseForm", |
| "ServiceProvider.ValidateLogoutResponseRedirect" |
| ] |
| |
| published = "2021-04-14T12:00:00Z" |
| |
| [[versions]] |
| fixed = "v0.4.3" |
| |
| [[additional_packages]] |
| module = "github.com/crewjam/saml" |
| package = "github.com/crewjam/saml/samlidp" |
| smybols = ["getSPMetadata"] |
| [[additional_packages.versions]] |
| fixed = "v0.4.3" |
| |
| [[additional_packages]] |
| module = "github.com/crewjam/saml" |
| package = "github.com/crewjam/saml/samlsp" |
| smybols = ["ParseMetadata"] |
| [[additional_packages.versions]] |
| fixed = "v0.4.3" |
| |
| [links] |
| commit = "https://github.com/crewjam/saml/commit/da4f1a0612c0a8dd0452cf8b3c7a6518f6b4d053" |
| context = ["https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9"] |
