Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzM3ctbW02aC1ydjlw
Auth bypass in SAML provider
Impact
The following vulnerabilities have been disclosed, which impact users leveraging the SAML auth provider:
Patches
Please upgrade to v1.0.0 or commit hash a2b4dd6bc4ef7562d1df044098b303f564eefa90
Workarounds
No known workarounds.
For more information
If you have any questions or comments about this advisory:
- Open an issue in gotrue
- Email us at [email protected]
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzM3ctbW02aC1ydjlw
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: almost 3 years ago
Updated: over 1 year ago
Identifiers: GHSA-433w-mm6h-rv9p
References:
- https://github.com/netlify/gotrue/security/advisories/GHSA-433w-mm6h-rv9p
- https://github.com/advisories/GHSA-433w-mm6h-rv9p
Blast Radius: 0.0
Affected Packages
go:github.com/netlify/gotrue
Dependent packages: 1Dependent repositories: 2
Downloads:
Affected Version Ranges: < 1.0.0
Fixed in: 1.0.0
All affected versions:
All unaffected versions: 1.0.0, 1.0.1