Advisories for Golang/Github.com/Fleetdm/Fleet/V4 package

Fleet is an open source osquery manager. In Fleet, due to issues in Go's standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted document. This can result in allowing unverified logins from a SAML IdP. Users that configure Fleet with SSO login may be vulnerable to this issue. This issue is patched The fix was made using https://github.com/mattermost/xml-roundtrip-validator If upgrade to …

fleet is an open source device management, built on osquery. expose a limited ability to spoof SAML authentication with missing audience verification. This impacts deployments using SAML SSO in two specific cases: A malicious or compromised Service Provider (SP) could reuse the SAML response to log into Fleet as a user – only if the user has an account with the same email in Fleet, and the user signs into …