Sha256: b99a3017bf01ca682e427b43f271abdaaf1a6996ed4a8bea776199080c4ead84

Contents?: true

Size: 446 Bytes

Versions: 6

Compression:

Stored size: 446 Bytes

Contents

---
gem: ruby-saml
osvdb: 117903
url: http://www.osvdb.org/show/osvdb/117903
title: Ruby-Saml Gem is vulnerable to arbitrary code execution
date: 2015-02-03
description: |
  ruby-saml contains a flaw that is triggered as the URI value of a SAML response is
  not properly sanitized through a prepared statement. This may allow a remote
  attacker to execute arbitrary shell commands on the host machine.
cvss_v2:
patched_versions:
  - ">= 0.8.2"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/ruby-saml/OSVDB-117903.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/ruby-saml/OSVDB-117903.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/ruby-saml/OSVDB-117903.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/ruby-saml/OSVDB-117903.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/ruby-saml/OSVDB-117903.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/ruby-saml/OSVDB-117903.yml