All 3 CVE vulnerabilities found in saml, with AI-generated Chinese analysis, references, and POCs.
Vendor: crewjam
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-45683 | Cross site scripting via missing binding syntax validation In ACS location in github.com/crewjam/saml CWE-79 | 7.1 | High | 2023-10-16 |
| CVE-2023-28119 | crewjam/saml vulnerable to Denial Of Service Via Deflate Decompression Bomb CWE-770 | 7.5 | High | 2023-03-22 |
| CVE-2022-41912 | crewjam/saml go library is vulnerable to signature bypass via multiple Assertion elements CWE-287 | 9.1 | Critical | 2022-11-28 |
All 3 known CVE vulnerabilities affecting saml with full Chinese analysis, references, and POCs where available.