163 matches found
Authentication Bypass
passport-wsfed-saml2 is vulnerable to Authentication Bypass. The vulnerability is due to insufficient validation of SAML response attributes due to the ability to tamper with a valid signed SAML response to impersonate users...
CVE-2025-46573
passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response. This can be done b...
CVE-2025-27509
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...
CVE-2025-27509 SAML authentication vulnerability due to improper SAML response validation
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...
CVE-2025-27509
Fleet has a SAML authentication vulnerability (CVE-2025-27509) due to improper SAML response validation in fleetdm/fleet. In vulnerable versions, an attacker could forge authentication assertions, potentially provisioning a new administrative user under JIT provisioning or creating accounts tied ...
CVE-2025-27509 SAML authentication vulnerability due to improper SAML response validation
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...
USN-7309-1: Ruby SAML vulnerabilities
It was discovered that Ruby SAML did not properly validate SAML responses. An unauthenticated attacker could use this vulnerability to log in as an abitrary user. This issue only affected Ubuntu 16.04 LTS. CVE-2016-5697 It was discovered that Ruby SAML incorrectly utilized the results of XML DOM...
GHSA-VQ63-8F72-F486 AspNetCore Remote Authenticator for CIE3.0 Allows SAML Response Signature Verification Bypass
Description Authentication using Spid and CIE is based on the SAML2 standard which provides for two entities: Identity Provider IdP: the system that authenticates users and provides identity information SAML assertions to the Service Provider, essentially, it is responsible for managing user...
GHSA-36H8-R92J-W9VW The AspNetCore Remote Authenticator for SPID Allows SAML Response Signature Verification Bypass
Description Authentication using Spid and CIE is based on the SAML2 standard which provides for two entities: Identity Provider IdP: the system that authenticates users and provides identity information SAML assertions to the Service Provider, essentially, it is responsible for managing user...
The AspNetCore Remote Authenticator for SPID Allows SAML Response Signature Verification Bypass
Description Authentication using Spid and CIE is based on the SAML2 standard which provides for two entities: Identity Provider IdP: the system that authenticates users and provides identity information SAML assertions to the Service Provider, essentially, it is responsible for managing user...
CVE-2025-24895
CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the...
CVE-2025-24895 SAML Response Signature Verification Bypass in CIE.AspNetCore.Authentication
CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the...
CVE-2025-24895 SAML Response Signature Verification Bypass in CIE.AspNetCore.Authentication
CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the...
CVE-2025-24895
CVE-2025-24895 describes a SAML signature verification bypass in the CIE.AspNetCore.Authentication SP component for SPID/CIE. The issue arises because the first signature in a SAML response is not guaranteed to refer to the root object; an attacker could inject an item signed as the first element...
CVE-2025-24894 SAML Response Signature Verification Bypass in SPID.AspNetCore.Authentication
SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the Service...
CVE-2025-24894 SAML Response Signature Verification Bypass in SPID.AspNetCore.Authentication
SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the Service...
AspNetCore Remote Authenticator for CIE3.0 Allows SAML Response Signature Verification Bypass
Authentication using Spid and CIE is based on the SAML2 standard which provides for two entities: Identity Provider IdP: the system that authenticates users and provides identity information SAML assertions to the Service Provider, essentially, it is responsible for managing user credentials and...
DEBIAN-CVE-2024-52596
SimpleSAMLphp xml-common is a common classes for handling XML-structures. When loading an untrusted XML document, for example the SAMLResponse, it's possible to induce an XXE. This vulnerability is fixed in 1.19.0...
SUSE CVE-2024-45409
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in = 12.2 and 1.13.0 = 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document by the IdP can thus forge a SAML...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.11 security update on RHEL 8
New Red Hat Single Sign-On 7.6.11 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of none. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...