CVE-2023-26483: Improper Handling of Highly Compressed Data (Data Amplification) in Gosaml2

Severity: 5.3 MEDIUM (NVD)
EPSS: 0.6% (top 30.74%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 3; Latest update Mar 4

Description

gosaml2 is a Pure Go implementation of SAML 2.0. SAML Service Providers using this library for SAML authentication support are likely susceptible to Denial of Service attacks. A bug in this library enables attackers to craft a `deflate`-compressed request which will consume significantly more memory during processing than the size of the original request. This may eventually lead to memory exhaustion and the process being killed. The maximum compression ratio achievable with `deflate` is 1032:1,
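The amplification described above can be reproduced in a few lines. The following is an added example, not gosaml2's code (this page does not reproduce the library's request handling or its fix): it constructs a highly compressible payload in the encoding the SAML HTTP-Redirect binding uses for `SAMLRequest` (raw DEFLATE, then base64), then contrasts an unbounded inflate, the pattern the advisory describes, with a capped one. The function names, the zero-byte payload, and the 8 MiB / 1 MiB figures are assumptions chosen for illustration.

```go
package main

import (
	"bytes"
	"compress/flate"
	"encoding/base64"
	"errors"
	"fmt"
	"io"
)

// ErrDecompressedTooLarge signals that the inflated payload exceeded the cap.
var ErrDecompressedTooLarge = errors.New("deflate payload exceeds maximum decompressed size")

// MakeBomb is a constructed attacker payload (assumption: zeros are used only
// because they compress well): n zero bytes, raw-DEFLATE compressed at the best
// level, then base64-encoded as a SAMLRequest would be on the Redirect binding.
// It returns the encoded payload and the compressed (pre-base64) size.
func MakeBomb(n int) (string, int) {
	var buf bytes.Buffer
	w, err := flate.NewWriter(&buf, flate.BestCompression)
	if err != nil {
		panic(err) // only fails for an invalid level
	}
	if _, err := w.Write(bytes.Repeat([]byte{0}, n)); err != nil {
		panic(err)
	}
	if err := w.Close(); err != nil {
		panic(err)
	}
	return base64.StdEncoding.EncodeToString(buf.Bytes()), buf.Len()
}

// InflateUnbounded is the vulnerable pattern: inflate whatever the client sent
// with no ceiling on the output, so memory use is bounded only by the deflate
// ratio and the compressed request size.
func InflateUnbounded(encoded string) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return nil, err
	}
	r := flate.NewReader(bytes.NewReader(raw))
	defer r.Close()
	return io.ReadAll(r)
}

// InflateBounded is the hardened form: it reads at most maxOut+1 bytes from the
// inflater and rejects the request if that extra byte is present, so one request
// never allocates much more than maxOut regardless of how well it compresses.
func InflateBounded(encoded string, maxOut int64) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return nil, err
	}
	r := flate.NewReader(bytes.NewReader(raw))
	defer r.Close()
	out, err := io.ReadAll(io.LimitReader(r, maxOut+1))
	if err != nil {
		return nil, err
	}
	if int64(len(out)) > maxOut {
		return nil, ErrDecompressedTooLarge
	}
	return out, nil
}

func main() {
	const n = 8 << 20 // 8 MiB of zeros (assumed size for the demo)
	payload, compressed := MakeBomb(n)
	fmt.Printf("compressed %d bytes -> %d bytes (ratio %.0f:1)\n",
		compressed, n, float64(n)/float64(compressed))

	out, err := InflateUnbounded(payload)
	fmt.Printf("unbounded: inflated %d bytes, err=%v\n", len(out), err)

	_, err = InflateBounded(payload, 1<<20) // assumed 1 MiB ceiling per request
	fmt.Printf("bounded (1 MiB cap): err=%v\n", err)
}
```

The cap has to be applied to the decompressed output, not only to the size of the incoming request: at the 1032:1 ratio the description cites, a limit of 1 MiB on the encoded `SAMLRequest` still allows roughly 1 GiB to be allocated per request, and several such requests in flight are enough to get the process killed.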

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (Exploitability: 3.9 | Impact: 1.4)

Affected Packages (3 packages)

Patches

Vulnerability Details (4)

OSV: Denial of service via deflate decompression bomb in github.com/russellhaering/gosaml2 (2023-03-03)
CVEList: gosaml2 vulnerable to Denial of Service via deflate decompression bomb (2023-03-03)
GHSA: gosaml2 vulnerable to Denial Of Service Via Deflate Decompression Bomb (2023-03-02)
OSV: gosaml2 vulnerable to Denial Of Service Via Deflate Decompression Bomb (2023-03-02)

Vendor Advisories (1)

Red Hat: gosaml2: Denial of service via `deflate`-compressed request (2023-03-04)
CVE-2023-26483 — Russellhaering Gosaml2 vulnerability | cvebase