Authored by Google Security Research, Felix Wilhelm

The crewjam/saml go library is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements.

advisories | CVE-2022-41912