CVE-2024-1735

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-1735

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1735.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-1735

Aliases

GHSA-4m6j-23p2-8c54

Related

GHSA-4m6j-23p2-8c54

Published

2024-02-26T16:27:53.123Z

Modified

2025-11-19T17:34:35.440908Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later.

References

https://github.com/line/armeria/security/advisories/GHSA-4m6j-23p2-8c54

Affected packages

Git / github.com/line/armeria

Affected ranges

Type: GIT
Repo: https://github.com/line/armeria
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

fbbb84ecf3c23996501a1039352a0c6a2680c858