Sha256: e900466927174f6ecc30651a97247c6c6add112fbb0d3133c9c4b6097b59eb9f

Contents?: true

Size: 385 Bytes

Versions: 1

Compression:

Stored size: 385 Bytes

Contents

---
gem: samlr
cve: 2018-20857
ghsa: qpxp-5j56-gg3x
url: https://github.com/zendesk/samlr/pull/29
date: 2019-07-31
title: samlr XML nodes comment attack
description: |
  Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as
  a name_id node with user@example.com followed by <!---->. and then the attacker's
  domain name.

cvss_v3: 7.5

patched_versions:
- ">= 2.6.2"

Version data entries

1 entry across 1 version & 1 rubygem

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/samlr/CVE-2018-20857.yml