Package
encoding/xml
(Golang)
Affected versions
<=2.26.0
Impact
The following vulnerabilities have been disclosed, which impact users leveraging the SAML connector:
Signature Validation Bypass (CVE-2020-15216): GHSA-q547-gmf8-8jr7
encoding/xml instabilities:
Patches
Immediately update to Dex v2.27.0.
Workarounds
There are no known workarounds.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.
Impact
The following vulnerabilities have been disclosed, which impact users leveraging the SAML connector:
Signature Validation Bypass (CVE-2020-15216): GHSA-q547-gmf8-8jr7
encoding/xmlinstabilities:Patches
Immediately update to Dex v2.27.0.
Workarounds
There are no known workarounds.