Critical severityNVD Advisory· Published Feb 26, 2024· Updated Aug 26, 2025
CVE-2024-1735
CVE-2024-1735
Description
A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.linecorp.armeria:armeria-samlMaven | < 1.27.2 | 1.27.2 |
Affected products
2- LINE Corporation/Armeriav5Range: 0.69.0
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-4m6j-23p2-8c54ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-1735ghsaADVISORY
- github.com/line/armeria/blob/0efc776988d71be4da6e506ec8a33c2b7b43f567/saml/src/main/java/com/linecorp/armeria/server/saml/SamlMessageUtil.javaghsaWEB
- github.com/line/armeria/commit/b2aa9f49b46a7b0e03d8b8d753809cd1e8e2016cghsaWEB
- github.com/line/armeria/releases/tag/armeria-1.27.2ghsaWEB
- github.com/line/armeria/security/advisories/GHSA-4m6j-23p2-8c54ghsaWEB
News mentions
0No linked articles in our index yet.