3 matches found
EUVD-2018-0357
Malware in sbrugna...
GHSA-4VC4-M8QH-G8JM Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential)
Summary An authentication bypass vulnerability was found in ruby-saml due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping...
GHSA-G48F-PGWH-WWXX onelogin/php-saml signature wrapping attacks
Vulnerability in onelogin/php-saml versions prior to 2.10.0 allows signature Wrapping attacks which may result in a malicious user gaining unauthorized access to a system...