VYPR

go-saml

by RobotsAndPencils

CVEs (1)

  • CVE-2023-48703Mar 6, 2024
    risk 0.00cvss epss 0.01

    RobotsAndPencils go-saml, a SAML client library written in Go, contains an authentication bypass vulnerability in all known versions. This is due to how the `xmlsec1` command line tool is called internally to verify the signature of SAML assertions. When `xmlsec1` is used…