Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/28 12:0 a.m.16 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Ruby SAML vulnerabilities (USN-7309-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7309-1 advisory. It was discovered that Ruby SAML did not properly validate SAML responses. An unauthenticated...

10CVSS8.6AI score0.10684EPSS
Exploits4References4
Debian
Debian
added 2024/11/11 3:3 p.m.13 views

[SECURITY] [DLA 3949-1] ruby-saml security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3949-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA November 11, 2024 https://wiki.debian.org/LTS -...

10CVSS6.8AI score0.10684EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2024/11/11 12:0 a.m.16 views

Debian dla-3949 : ruby-saml - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3949 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3949-1 [email protected] https://www.debian.org/lts/security/...

10CVSS8.8AI score0.10684EPSS
Exploits3References4
GithubExploit
GithubExploit
added 2024/10/07 9:24 a.m.978 views

Exploit for Improper Verification of Cryptographic Signature in Onelogin Ruby-Saml

Ruby-SAML / GitLab Authentication Bypass CVE-2024-45409 expl...

10CVSS9.8AI score0.10684EPSS
Exploits3
OpenVAS
OpenVAS
added 2024/09/23 12:0 a.m.17 views

Debian: Security Advisory (DSA-5774-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.10684EPSS
Exploits3References2
Debian
Debian
added 2024/09/20 6:48 p.m.18 views

[SECURITY] [DSA 5774-1] ruby-saml security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5774-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 20, 2024 https://www.debian.org/security/faq -...

10CVSS6.7AI score0.10684EPSS
Exploits3
SUSE CVE
SUSE CVE
added 2024/09/19 11:19 p.m.5 views

SUSE CVE-2024-45409

The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in = 12.2 and 1.13.0 = 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document by the IdP can thus forge a SAML...

10CVSS7AI score0.10684EPSS
Exploits3References3
The Hacker News
The Hacker News
added 2024/09/19 5:7 a.m.34 views

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

GitLab has released patches to address a critical flaw impacting Community Edition CE and Enterprise Edition EE that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library CVE-2024-45409, CVSS score: 10.0, which could allow an attacker to log in as an...

10CVSS7.7AI score0.9921EPSS
Exploits14
Circl
Circl
added 2024/09/10 9:46 p.m.34 views

CVE-2024-45409

creationtimestamp| type| source ---|---|--- 2024-09-10 21:46:54+00:00| seen| https://t.me/cvedetector/5296 2024-09-12 10:08:54+00:00| published-proof-of-concept| https://t.me/HackingInsights/12851 2024-09-18 09:07:12+00:00| seen| https://t.me/HackingInsights/13399 2024-09-19 04:00:00+00:00| seen|...

10CVSS7AI score0.10684EPSS
Exploits3References38
Chainguard
Chainguard
added 2024/09/10 7:15 p.m.25 views

CVE-2024-45409 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ee-fips, gitlab-rails-ee...

10CVSS7.1AI score0.10684EPSS
Exploits3
Debian CVE
Debian CVE
added 2024/09/10 6:50 p.m.20 views

CVE-2024-45409

The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in = 12.2 and 1.13.0 = 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document by the IdP can thus forge a SAML...

10CVSS8AI score0.10684EPSS
Exploits3
Rows per page
Query Builder