Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/28 12:0 a.m.16 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Ruby SAML vulnerabilities (USN-7309-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7309-1 advisory. It was discovered that Ruby SAML did not properly validate SAML responses. An unauthenticated...

10CVSS8.6AI score0.10684EPSS
Exploits4References4
OSV
OSV
added 2017/01/23 9:59 p.m.15 views

CVE-2016-5697

Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors...

7.5CVSS6.7AI score
Exploits0References1
OSV
OSV
added 2017/01/23 9:59 p.m.4 views

UBUNTU-CVE-2016-5697

Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors...

7.5CVSS7.1AI score0.01208EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2017/01/23 9:0 p.m.26 views

CVE-2016-5697

Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors...

7.5CVSS7.5AI score0.01208EPSS
Exploits0
CVE
CVE
added 2017/01/23 9:0 p.m.74 views

CVE-2016-5697

CVE-2016-5697 concerns the Ruby-saml library before version 1.3.0, where improper handling of SAML signatures allows XML signature wrapping attacks via unspecified vectors. The vulnerability can enable an unauthenticated attacker to impersonate a user by abusing how SAML responses are validated (...

7.5CVSS7.3AI score0.01208EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/12 12:0 a.m.31 views

FreeBSD : ruby-saml -- XML signature wrapping attack (3fcd52b2-4510-11e6-a15f-00248c0c745d)

RubySec reports : ruby-saml prior to version 1.3.0 is vulnerable to an XML signature wrapping attack in the specific scenario where there was a signature that referenced at the same time 2 elements but past the scheme validator process since 1 of the element was inside the encrypted assertion...

7.5CVSS7.5AI score0.01208EPSS
Exploits0References4
Rows per page
Query Builder