Описание
xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 1.7.2-1 |
| devel | not-affected | |
| esm-apps/bionic | not-affected | |
| esm-apps/focal | not-affected | |
| esm-apps/jammy | not-affected | |
| esm-apps/noble | not-affected | |
| esm-apps/xenial | not-affected | 1.1.2-1ubuntu1 |
| focal | not-affected | |
| jammy | not-affected | |
| kinetic | not-affected |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 55%
0.00329
Низкий
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 2 лет назад
xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used.
CVSS3: 9.8
debian
больше 2 лет назад
xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPat ...
EPSS
Процентиль: 55%
0.00329
Низкий
9.8 Critical
CVSS3