7 matches found
Sentry: Improper authentication on SAML SSO process allows user identity linking
Impact A critical vulnerability was discovered in the SAML SSO implementation of Sentry. It was reported to us via our private bug bounty program. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same...
CVE-2022-23610
wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without SCIM, it was...
EUVD-2020-27331
Malware in sbrugna...
EUVD-2025-0092
Malicious code in bioql PyPI...
EUVD-2022-28579
Malicious code in bioql PyPI...
EUVD-2022-51684
Malicious code in bioql PyPI...
GHSA-7PQ6-V88G-WF3W Sentry's improper authentication on SAML SSO process allows user impersonation
Impact A critical vulnerability was discovered in the SAML SSO implementation of Sentry. It was reported to us via our private bug bounty program. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same...