passport-saml <= 3.2.1 has signature bypass vulnerability
See:
- https://github.com/node-saml/passport-saml/security/advisories/GHSA-m974-647v-whv7
- https://github.com/node-saml/passport-saml/releases/tag/v3.2.2
Workaround (according to the security advisory): disable SAML authentication.
backstage's current passport-saml version: https://github.com/backstage/backstage/blob/2bb7fa54d76b1190274e9430cb49279af469b79f/plugins/auth-backend/package.json#L73
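The advisory above gives the affected range as passport-saml <= 3.2.1, fixed in 3.2.2. The following is an added example (not code from the Backstage issue or the passport-saml project) that walks an npm lockfile and reports every installed copy below the fix, including nested copies that a hoisted dependency can hide; it assumes a lockfileVersion 2 or 3 `packages` map and uses a constructed sample lockfile.

```javascript
// Added example: flag every passport-saml install below the fixed version.
const FIXED_VERSION = '3.2.2'; // first patched release per the advisory linked above

// Compare two dotted numeric versions: negative if a < b, 0 if equal, positive if a > b.
// Pre-release suffixes are dropped, so "3.2.2-beta.1" compares as 3.2.2.
function compareVersions(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('-')[0].split('.').map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const diff = (pa[i] || 0) - (pb[i] || 0);
    if (diff !== 0) return diff;
  }
  return 0;
}

// Returns [{ path, version }] for each passport-saml entry in a lockfileVersion 2/3
// "packages" map whose version is below FIXED_VERSION. Matches both the hoisted
// copy (node_modules/passport-saml) and nested copies under other packages.
function findVulnerablePassportSaml(lockfile) {
  const isPassportSaml = /(^|\/)node_modules\/passport-saml$/;
  const hits = [];
  for (const [path, meta] of Object.entries(lockfile.packages || {})) {
    if (!isPassportSaml.test(path) || !meta.version) continue;
    if (compareVersions(meta.version, FIXED_VERSION) < 0) {
      hits.push({ path, version: meta.version });
    }
  }
  return hits;
}

// Constructed sample lockfile (not a real Backstage lockfile): one hoisted
// vulnerable copy and one nested copy that is already patched.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'sample-app', version: '1.0.0' },
    'node_modules/passport-saml': { version: '3.2.1' },
    'node_modules/@example/auth-plugin/node_modules/passport-saml': { version: '3.2.2' },
    'node_modules/passport': { version: '0.6.0' },
  },
};

const report = findVulnerablePassportSaml(sampleLock);
console.log(report); // one hit: the hoisted 3.2.1 copy
```

Point the function at `JSON.parse(fs.readFileSync('package-lock.json'))` to run it against a real tree; an empty result means every resolved copy is at or above 3.2.2.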
Top GitHub Comments
Sidenote: The following workaround can be used on local installations
Hey @OrkoHunter, sorry to bump an old thread, but it seems like passport-saml was deprecated in favor of @node-saml/passport-saml: https://www.npmjs.com/package/passport-saml. It also uses an old version of @xmldom/xmldom, which has a vulnerability, not sure if plugin-auth-backend is affected by it or not: https://github.com/advisories/GHSA-crh6-fp67-6883