CVSSv3: 9.8

CVE-2022-41912

Published: 28/11/2022 Updated: 01/02/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version.

Vulnerable Product

Vendor: saml project; Product: saml

Vendor Advisories

Debian Bug report logs - #1025187 golang-github-crewjam-saml: CVE-2022-41912: Signature bypass via multiple Assertion elements. Package: src:golang-github-crewjam-saml; Maintainer for src:golang-github-crewjam-saml is Debian Go Packaging Team <team+pkg-go@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian ...
Synopsis: Important: OpenShift Container Platform 4.10.47 bug fix and security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 4.10.47 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift ...
Synopsis: Important: Red Hat Advanced Cluster Management 2.7.0 security and bug fix updates. Type/Severity: Security Advisory: Important. Topic: Red Hat Advanced Cluster Management for Kubernetes 2.7.0 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having ...
Synopsis: Important: OpenShift Container Platform 4.11.21 extras and security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 4.11.21 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a sec ...
Synopsis: Important: OpenShift Container Platform 4.8.57 security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 4.8.57 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis: Critical: OpenShift Container Platform 4.9.55 security update. Type/Severity: Security Advisory: Critical. Topic: Red Hat OpenShift Container Platform release 4.9.55 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis: Important: Red Hat Ceph Storage 6.1 Container security and bug fix update. Type/Severity: Security Advisory: Important. Topic: A new container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability ...
Synopsis: Important: Red Hat Advanced Cluster Management 2.6.3 security update. Type/Severity: Security Advisory: Important. Topic: Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General Availability release images, which provide security updates, fix bugs, and update container images. Red Hat Product Security has rated this update as havi ...
Description: The MITRE CVE dictionary describes this issue as: The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version ...