samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider. Version 2.10.0 fixes the issue.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 19 Sep 2025 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Samlify Project
Samlify Project samlify
CPEs cpe:2.3:a:samlify_project:samlify:*:*:*:*:*:*:*:*
Vendors & Products Samlify Project
Samlify Project samlify
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}


Tue, 20 May 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 19 May 2025 19:30:00 +0000

Type Values Removed Values Added
Description samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider. Version 2.10.0 fixes the issue.
Title samlify SAML Signature Wrapping attack
Weaknesses CWE-347
References
Metrics cvssV4_0

{'score': 9.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2025-05-20T13:00:40.340Z

Reserved: 2025-05-14T10:32:43.530Z

Link: CVE-2025-47949

cve-icon Vulnrichment

Updated: 2025-05-20T13:00:37.335Z

cve-icon NVD

Status : Analyzed

Published: 2025-05-19T20:15:26.287

Modified: 2025-09-19T17:32:34.830

Link: CVE-2025-47949

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.