Vulnerabilities > CVE-2020-7731 - NULL Pointer Dereference vulnerability in Gosaml2 Project Gosaml2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
This affects all versions <0.7.0 of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- https://github.com/russellhaering/gosaml2/issues/59
- https://github.com/russellhaering/gosaml2/issues/59
- https://github.com/russellhaering/gosaml2/releases/tag/v0.7.0
- https://github.com/russellhaering/gosaml2/releases/tag/v0.7.0
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMRUSSELLHAERINGGOSAML2-608302
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMRUSSELLHAERINGGOSAML2-608302