Impact
The crewjam/saml go library is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements.
Patches
This issue has been corrected in version 0.4.9
Credit
This issue was reported by Felix Wilhelm from Google Project Zero.
References
- https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g
- https://nvd.nist.gov/vuln/detail/CVE-2022-41912
- https://github.com/crewjam/saml/commit/aee3fb1edeeaf1088fcb458727e0fd863d277f8b
- https://github.com/crewjam/saml/releases/tag/v0.4.9
- https://github.com/advisories/GHSA-j2jp-wvqg-wc2g