A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sat, 29 Mar 2025 00:15:00 +0000

Type Values Removed Values Added
First Time appeared Linecorp
Linecorp armeria
Weaknesses CWE-287
CPEs cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*
Vendors & Products Linecorp
Linecorp armeria
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: LY-Corporation

Published:

Updated: 2025-08-26T20:01:39.603Z

Reserved: 2024-02-22T05:17:44.461Z

Link: CVE-2024-1735

cve-icon Vulnrichment

Updated: 2024-08-01T18:48:21.949Z

cve-icon NVD

Status : Analyzed

Published: 2024-02-26T16:27:53.123

Modified: 2025-04-25T18:13:45.867

Link: CVE-2024-1735

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.