Security vulnerabilities can be reported using GitHub's private vulnerability reporting tool.
Security: russellhaering/gosaml2
Security
SECURITY.md
-
CBC Padding Panic — Unauthenticated Process CrashGHSA-hwqm-qvj9-4jr2 published
Mar 18, 2026 by russellhaeringHigh -
Unsigned SAML LogoutRequest Acceptance in gosaml2GHSA-pcgw-qcv5-h8ch published
Mar 18, 2026 by russellhaeringHigh -
Denial Of Service Via Deflate Decompression BombGHSA-6gc3-crp7-25w5 published
Mar 1, 2023 by russellhaeringModerate -
Denial of Service via nil-Pointer DereferenceGHSA-prjq-f4q3-fvfr published
Nov 10, 2022 by russellhaeringHigh -
Authentication BypassGHSA-xhqq-x44f-9fgg published
Dec 14, 2020 by russellhaeringCritical -
Signature Validation BypassGHSA-5684-g483-2249 published
Sep 29, 2020 by russellhaeringCritical
Learn more about advisories related to russellhaering/gosaml2 in the GitHub Advisory Database