CVE-2017-11430

Name: CVE-2017-11430
Description: OmniAuth OmniAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attacker to potentially bypass authentication to SAML service providers.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severity: high

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| ruby-omniauth-saml (PTS) | stretch | 1.7.0-1 | fixed |
| ruby-omniauth-saml | bullseye, sid, buster | 1.10.0-1 | fixed |

The information below is based on the following data on fixed versions.

| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| ruby-omniauth-saml | source | (unstable) | (not affected) | | | |

Notes

- ruby-omniauth-saml <not-affected> (The actual vulnerability is in ruby-saml, which is used by the Debian package)
The change in 1.10.0 simply bumps the version requirement
https://github.com/omniauth/omniauth-saml/issues/156
https://github.com/omniauth/omniauth-saml/pull/157
https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
https://www.kb.cert.org/vuls/id/475445
