Description
Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig trust boundary was incomplete: :public_key.verify over the exclusive-C14N canonicalized SignedInfo was not performed against the configured IdP certificate's public key, DigestValue was not recomputed over the canonicalized referenced element, and canonicalize/2 remained an unused passthrough in the signature-verification path. The result was a structure-only acceptance path in which the document-shape and trust-source checks could succeed without the signature bytes ever being proven. A forged SignatureValue carrying an attacker-controlled NameID could be accepted as {:ok}. This issue has been fixed in version 1.2.0.
Published: 2026-06-18
Score: 9.1 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability lies in Relyra's SAML 2.0 Service Provider library, which does not cryptographically verify the SignatureValue of an inbound SAML assertion. Because the library never checks the signature over the SignedInfo element, an attacker can present a forged signature carrying a chosen NameID and have the library accept it as a successful authentication. The primary consequence is that the attacker can impersonate any user, gaining unauthorized access to resources protected by the application. The weakness corresponds to CWE-287 (Improper Authentication) and CWE-347 (Improper Verification of Cryptographic Signature).

Affected Systems

The impacted product is szTheory’s Relyra library used in Elixir and Phoenix web applications. Versions 1.0.0 and 1.1.0 lack the necessary signature checks and therefore are vulnerable. The fix is available in 1.2.0, which implements the missing cryptographic validation. Any project that has integrated these vulnerable versions without applying the patch is at risk.

Risk and Exploitability

The CVSS score of 9.1 indicates critical severity, reflecting remote exploitation that leads to unauthorized access. The EPSS score is not available, and the absence of a CISA KEV listing suggests that no widespread exploitation has been documented yet, but the vulnerability remains a significant threat. The attack vector likely involves sending a crafted SAML response from an attacker-controlled IdP or substituting a modified copy of a legitimate response, since the library never checks the signature bytes. Successful exploitation requires only that the forged assertion reach the application, making the risk high for exposed services.

Generated by OpenCVE AI on June 18, 2026 at 22:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Relyra to version 1.2.0 or later.
  • Configure the application to enforce complete SAML signature verification, ensuring the IdP’s public key is used to validate the SignedInfo element and that the DigestValue is recomputed over the canonicalized referenced element.
  • Apply network restrictions to limit reachable IdP endpoints and monitor authentication logs for potential bypass attempts.
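A worked version of the second recommendation above, covering the three checks the description lists as missing (DigestValue recomputed over the canonicalized referenced element, SignatureValue verified over the canonicalized SignedInfo against the IdP's public key, and no structure-only acceptance), shown beside the shape-only pattern it replaces. This is an added Python example, not Relyra's code and not a transcription of the 1.2.0 fix: the standard library's C14N 2.0 canonicalizer stands in for exclusive C14N 1.0, the `cryptography` package provides RSA-SHA256, and the key pairs, the assertion ID `_a1` and the NameIDs are constructed for the demo. Transforms, DigestMethod, SignatureMethod, KeyInfo handling and the trust-source checks of a full SAML SP are left out.

```python
"""Structure-only vs. full XMLDSig verification of a SAML 2.0 assertion.
Added example, not Relyra's code. xml.etree.ElementTree.canonicalize (C14N 2.0)
stands in for exclusive C14N 1.0; the `cryptography` package does RSA-SHA256;
keys, the assertion ID "_a1" and the NameIDs are constructed for the demo.
Transforms, DigestMethod, SignatureMethod, KeyInfo and trust-source checks are omitted."""
import base64
import copy
import hashlib
import xml.etree.ElementTree as ET

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

DS = "http://www.w3.org/2000/09/xmldsig#"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
ET.register_namespace("ds", DS)
ET.register_namespace("saml", SAML)


def c14n(element):
    """Canonical bytes of a subtree; signer and verifier must apply the same rule."""
    return ET.canonicalize(ET.tostring(element, encoding="unicode")).encode()


def b64_sha256(data):
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def build_signed_assertion(name_id, private_key, assertion_id="_a1"):
    """Sign like an IdP: digest the referenced element (before the enveloped
    Signature is added), then sign the canonicalized SignedInfo."""
    root = ET.Element(f"{{{SAML}}}Assertion", {"ID": assertion_id})
    subject = ET.SubElement(root, f"{{{SAML}}}Subject")
    ET.SubElement(subject, f"{{{SAML}}}NameID").text = name_id
    digest = b64_sha256(c14n(root))
    signature = ET.SubElement(root, f"{{{DS}}}Signature")
    signed_info = ET.SubElement(signature, f"{{{DS}}}SignedInfo")
    reference = ET.SubElement(signed_info, f"{{{DS}}}Reference", {"URI": "#" + assertion_id})
    ET.SubElement(reference, f"{{{DS}}}DigestValue").text = digest
    sig = private_key.sign(c14n(signed_info), padding.PKCS1v15(), hashes.SHA256())
    ET.SubElement(signature, f"{{{DS}}}SignatureValue").text = base64.b64encode(sig).decode()
    return ET.tostring(root, encoding="unicode")


def structure_only_check(xml_text):
    """The vulnerable pattern: signature elements must be present, but the
    SignatureValue bytes are never verified, so any NameID is released."""
    root = ET.fromstring(xml_text)
    signature = root.find(f"{{{DS}}}Signature")
    if signature is None or signature.findtext(f"{{{DS}}}SignatureValue") is None:
        return ("error", "no signature element")
    return ("ok", root.findtext(f"{{{SAML}}}Subject/{{{SAML}}}NameID"))


def verify_assertion(xml_text, idp_public_key):
    """The hardened path: bind the Reference to this assertion, recompute DigestValue
    over the canonicalized referenced element, then verify SignatureValue over the
    canonicalized SignedInfo with the configured IdP key. NameID is released only
    after both checks pass."""
    root = ET.fromstring(xml_text)
    signature = root.find(f"{{{DS}}}Signature")
    signed_info = signature.find(f"{{{DS}}}SignedInfo") if signature is not None else None
    if signed_info is None:
        return ("error", "missing Signature/SignedInfo")
    reference = signed_info.find(f"{{{DS}}}Reference")
    if reference is None or reference.get("URI") != "#" + root.get("ID", ""):
        return ("error", "Reference does not cover this assertion")
    # Step 1: enveloped-signature transform (drop ds:Signature), then recompute digest.
    unsigned = copy.deepcopy(root)
    unsigned.remove(unsigned.find(f"{{{DS}}}Signature"))
    if reference.findtext(f"{{{DS}}}DigestValue") != b64_sha256(c14n(unsigned)):
        return ("error", "DigestValue mismatch")
    # Step 2: the signature bytes must verify over SignedInfo with the IdP key.
    try:
        sig = base64.b64decode(signature.findtext(f"{{{DS}}}SignatureValue") or "")
        idp_public_key.verify(sig, c14n(signed_info), padding.PKCS1v15(), hashes.SHA256())
    except (InvalidSignature, ValueError):
        return ("error", "SignatureValue does not verify")
    return ("ok", root.findtext(f"{{{SAML}}}Subject/{{{SAML}}}NameID"))


def demo():
    """The cases a regression suite for this fix should contain."""
    idp_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    untrusted_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    idp_pub = idp_key.public_key()
    genuine = build_signed_assertion("alice@example.com", idp_key)
    # Well-formed document whose SignatureValue the configured IdP never produced.
    forged = build_signed_assertion("admin@example.com", untrusted_key)
    # Genuine document edited after signing: the Reference digest no longer matches.
    tampered = genuine.replace("alice@example.com", "admin@example.com")
    unsigned = ET.tostring(ET.Element(f"{{{SAML}}}Assertion", {"ID": "_a1"}), encoding="unicode")
    return {
        "genuine_full": verify_assertion(genuine, idp_pub),
        "forged_structure_only": structure_only_check(forged),
        "forged_full": verify_assertion(forged, idp_pub),
        "tampered_full": verify_assertion(tampered, idp_pub),
        "unsigned_full": verify_assertion(unsigned, idp_pub),
    }


if __name__ == "__main__":
    print(demo())
```

`demo()` makes the difference concrete: the structure-only path returns `("ok", "admin@example.com")` for a document whose signature the configured IdP never produced, while `verify_assertion` rejects the same document at the signature step, rejects a genuine assertion whose NameID was edited after signing at the digest step (before any signature is examined), and rejects an assertion with no Signature at all. The order of the two checks matters: recomputing the Reference digest first means a tampered body is caught even when the signature over SignedInfo is itself valid.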

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
Description Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig trust boundary was incomplete as :public_key.verify over the exclusive-C14N canonicalized SignedInfo was not performed against the configured IdP certificate's public key, DigestValue was not recomputed over the canonicalized referenced element, and canonicalize/2 remained an unused passthrough in the signature-verification path. The result was a structure-only acceptance path where document shape and trust-source rejection could succeed without proving the signature bytes. A forged SignatureValue carrying an attacker-controlled NameID could be accepted as {:ok}. This issue has been fixed in version 1.2.0.
Title Relyra SAML SignatureValue not cryptographically verified -> authentication bypass
Weaknesses CWE-287, CWE-347
References
Metrics cvssV3_1 {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-18T20:52:22.605Z

Reserved: 2026-05-30T02:43:33.107Z

Link: CVE-2026-49454

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T22:30:16Z

Weaknesses
  • CWE-287: Improper Authentication
  • CWE-347: Improper Verification of Cryptographic Signature