2 matches found
Authentication Bypass
ruby-saml is vulnerable to authentication bypass. The vulnerability is due to improper handling of libxml2 canonicalization in Nokogiri when processing invalid XML, which returns an empty string used for DigestValue calculation, allowing an attacker to perform a Signature Wrapping attack and bypa...
PT-2018-16216 · Elastic · X-Pack Security
Name of the Vulnerable Software and Affected Versions: X-Pack Security versions 6.2.0 through 6.2.2
Description: The issue allows for a user impersonation attack via incorrect XML canonicalization and DOM traversal. An attacker might impersonate a legitimate user if the SAML Identity Provider...