Updated advisory posts against rubysec/ruby-advisory-db@46096c9

Sebastien Faure · RubySec CI · commit 4bf5908b4745 · 2024-09-13T07:25:34.000Z
diff --git a/advisories/_posts/2024-08-28-CVE-2024-45409.md b/advisories/_posts/2024-08-28-CVE-2024-45409.md
@@ -0,0 +1,24 @@
+---
+layout: advisory
+title: 'CVE-2024-45409 (ruby-saml): SAML authentication bypass via Incorrect XPath
+  selector'
+comments: false
+categories:
+- ruby-saml
+advisory:
+  gem: ruby-saml
+  cve: 2024-45409
+  ghsa: jw9c-mfg7-9rx2
+  url: https://github.com/SAML-Toolkits/ruby-saml/commit/1ec5392bc506fe43a02dbb66b68741051c5ffeae
+  title: SAML authentication bypass via Incorrect XPath selector
+  date: 2024-08-28
+  description: |
+    Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response.
+    An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML
+    Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within
+    the vulnerable system.
+  cvss_v3: 10.0
+  patched_versions:
+  - "~> 1.12.3"
+  - ">= 1.17.0"
+---
