GHSA-4m6j-23p2-8c54
First published: Mon Feb 26 2024(Updated: )
### Impact The SAML implementation provided by `armeria-saml` currently accepts unsigned SAML messages (assertions, logout requests, etc.) as they are, rather than rejecting them by default. As a result, an attacker can forge a SAML message to authenticate themselves, despite the fact that such an unsigned SAML message should be rejected. ### Patches The vulnerability has been patched in Armeria version 1.27.2. All users who rely on `armeria-saml` older than version 1.27.2 must upgrade to 1.27.2 or later. ### Workarounds There is no known workaround for this vulnerability. ### References [`SamlMessageUtil.validateSignature()`](https://github.com/line/armeria/blob/0efc776988d71be4da6e506ec8a33c2b7b43f567/saml/src/main/java/com/linecorp/armeria/server/saml/SamlMessageUtil.java#L160-L163)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| maven/com.linecorp.armeria:armeria-saml | <=1.27.1 | 1.27.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/line/armeria/security/advisories/GHSA-4m6j-23p2-8c54
- https://nvd.nist.gov/vuln/detail/CVE-2024-1735
- https://github.com/line/armeria/commit/b2aa9f49b46a7b0e03d8b8d753809cd1e8e2016c
- https://github.com/line/armeria/blob/0efc776988d71be4da6e506ec8a33c2b7b43f567/saml/src/main/java/com/linecorp/armeria/server/saml/SamlMessageUtil.java#L160-L163
- https://github.com/line/armeria/releases/tag/armeria-1.27.2
- https://github.com/advisories/GHSA-4m6j-23p2-8c54 (Advisory)
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-4m6j-23p2-8c54
- alias/CVE-2024-1735
- agent/software-canonical-lookup
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/description
- agent/type
- agent/tags
- collector/github-advisory
- package-manager/maven