2 matches found
Authentication Bypass
passport-wsfed-saml2 is vulnerable to Authentication Bypass. The vulnerability exists because the SAML signature validation in saml.js does not ensure that the Signature tag is in the proper location inside the Assertion tag, which allows an attacker to bypass permission checks and gain access to...
ROS-20220929-01
BIND DNS server vulnerability is related to boundary conditions when reusing HTTP connection when requesting statistics from a statistics channel. Exploitation of the vulnerability could allow an attacker, acting remotely, using a managed DNS server to cause a read error outside the boundary...