CVE-2020-5407

NameCVE-2020-5407
DescriptionSpring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using the spring-security-saml2-service-provider component, a malicious user can carefully modify an otherwise valid SAML response and append an arbitrary assertion that Spring Security will accept as valid.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libspring-security-2.0-java (PTS)jessie, jessie (lts)2.0.7.RELEASE-3+deb8u2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libspring-security-2.0-javasourcewheezy(unfixed)end-of-life
libspring-security-2.0-javasourcejessie(not affected)
libspring-security-2.0-javasource(unstable)(unfixed)

Notes

[jessie] - libspring-security-2.0-java <not-affected> (Vulnerable code introduced later)
Search for package or bug name: Reporting problems