Количество 4
Количество 4
CVE-2017-11428
OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.
CVE-2017-11428
OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.
CVE-2017-11428
OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the resul ...
GHSA-x2fr-v8wf-8wwv
Ruby-SAML Improper Authentication vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-11428 OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. | CVSS3: 7.7 | 0% Низкий | почти 7 лет назад |
 | CVE-2017-11428 OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. | CVSS3: 7.7 | 0% Низкий | почти 7 лет назад |
| CVE-2017-11428 OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the resul ... | CVSS3: 7.7 | 0% Низкий | почти 7 лет назад |
| GHSA-x2fr-v8wf-8wwv Ruby-SAML Improper Authentication vulnerability | CVSS3: 7.7 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу