Описание
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.17.0 |
| esm-apps/bionic | released | 1.7.2-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 1.11.0-1ubuntu0.1 |
| esm-apps/jammy | released | 1.13.0-1ubuntu0.1 |
| esm-apps/noble | released | 1.15.0-1ubuntu0.24.04.1 |
| esm-apps/xenial | released | 1.1.2-1ubuntu1+esm1 |
| focal | released | 1.11.0-1ubuntu0.1 |
| jammy | released | 1.13.0-1ubuntu0.1 |
| noble | released | 1.15.0-1ubuntu0.24.04.1 |
| oracular | released | 1.15.0-1ubuntu0.24.10.1 |
Показывать по
10 Critical
CVSS3
Связанные уязвимости
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3.
The Ruby SAML library is for implementing the client side of a SAML au ...
SAML authentication bypass via Incorrect XPath selector
Уязвимость реализации модуля единого входа в приложения SAML библиотеки Ruby SAML и программной платформы на базе git для совместной работы над кодом GitLab, позволяющая повысить свои привилегии
10 Critical
CVSS3