Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
SAML ACS is network-reachable with no auth or UI; forging a signature is trivial given the missing verify call, yielding full impersonation (C:H/I:H) but no availability impact.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
3DescriptionCVE.org
Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig trust boundary was incomplete as :public_key.verify over the exclusive-C14N canonicalized SignedInfo was not performed against the configured IdP certificate's public key, DigestValue was not recomputed over the canonicalized referenced element, and canonicalize/2 remained an unused passthrough in the signature-verification path. The result was a structure-only acceptance path where document shape and trust-source rejection could succeed without proving the signature bytes. A forged SignatureValue carrying an attacker-controlled NameID could be accepted as {:ok}. This issue has been fixed in version 1.2.0.
AnalysisAI
{:ok}. No public exploit identified at time of analysis, and the issue is fixed in 1.2.0.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires only that the target Phoenix or Elixir application is running Relyra 1.0.0 or 1.1.0 and exposes a SAML ACS endpoint reachable by the attacker; no authentication, no user interaction, no non-default configuration, and no specific IdP is required because the missing :public_key.verify call and missing DigestValue recomputation are unconditional in the affected versions. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 9.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) is well-supported by the technical facts: the SAML ACS endpoint is internet-reachable, no prior authentication or user interaction is needed, and successful exploitation grants the attacker any identity the IdP could assert, which is precisely a high-confidentiality and high-integrity impact with no availability hit. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who knows the URL of a Relyra-protected Phoenix application's SAML ACS endpoint and the IdP entityID crafts a SAML Response containing a valid-looking Assertion with the victim's email or username in the NameID, a syntactically correct ds:Signature block, and arbitrary bytes in SignatureValue. They POST it to the SP, which performs structural and trust-source checks but never verifies the signature, and the application logs the attacker in as the victim - typically yielding admin or privileged access. … |
| Remediation | Vendor-released patch: upgrade Relyra to version 1.2.0, which introduces a real cryptographically_verify path that calls :public_key.verify over exclusive-C14N canonicalized SignedInfo against the configured IdP certificate and recomputes DigestValue over the canonicalized referenced element, failing closed on every step (see https://github.com/szTheory/relyra/commit/2e456897af3158c175bb490ce7fc51d6241c8922 and the advisory at https://github.com/szTheory/relyra/security/advisories/GHSA-jv46-xfwm-36j7). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all systems running affected versions and isolate critical instances if patching cannot be completed immediately. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37950
GHSA-jv46-xfwm-36j7