CVE-2017-11430

NameCVE-2017-11430
DescriptionOmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ruby-omniauth-saml (PTS)stretch1.7.0-1fixed
buster, bullseye1.10.0-1fixed
sid, trixie, bookworm2.1.0-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ruby-omniauth-samlsource(unstable)(not affected)

Notes

- ruby-omniauth-saml <not-affected> (The actual vulnerability is in ruby-saml, which is used by the Debian package)
The change in 1.10.0 simply bumps the version requirement
https://github.com/omniauth/omniauth-saml/issues/156
https://github.com/omniauth/omniauth-saml/pull/157
https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
https://www.kb.cert.org/vuls/id/475445

Search for package or bug name: Reporting problems