11 matches found
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Ruby SAML vulnerabilities (USN-7309-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7309-1 advisory. It was discovered that Ruby SAML did not properly validate SAML responses. An unauthenticated...
[SECURITY] [DLA 3949-1] ruby-saml security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3949-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA November 11, 2024 https://wiki.debian.org/LTS -...
Debian dla-3949 : ruby-saml - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3949 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3949-1 [email protected] https://www.debian.org/lts/security/...
Exploit for Improper Verification of Cryptographic Signature in Onelogin Ruby-Saml
Ruby-SAML / GitLab Authentication Bypass CVE-2024-45409 expl...
Debian: Security Advisory (DSA-5774-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5774-1] ruby-saml security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5774-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 20, 2024 https://www.debian.org/security/faq -...
SUSE CVE-2024-45409
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in = 12.2 and 1.13.0 = 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document by the IdP can thus forge a SAML...
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
GitLab has released patches to address a critical flaw impacting Community Edition CE and Enterprise Edition EE that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library CVE-2024-45409, CVSS score: 10.0, which could allow an attacker to log in as an...
CVE-2024-45409
creationtimestamp| type| source ---|---|--- 2024-09-10 21:46:54+00:00| seen| https://t.me/cvedetector/5296 2024-09-12 10:08:54+00:00| published-proof-of-concept| https://t.me/HackingInsights/12851 2024-09-18 09:07:12+00:00| seen| https://t.me/HackingInsights/13399 2024-09-19 04:00:00+00:00| seen|...
CVE-2024-45409 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ee-fips, gitlab-rails-ee...
CVE-2024-45409
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in = 12.2 and 1.13.0 = 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document by the IdP can thus forge a SAML...