Auto-merge PR#5098

2025-05-07 11:06:39 +00:00 · 2022-03-31 10:15:20 -04:00 · 2022-03-31 10:15:20 -04:00 · 7f4bfdcf26
commit 7f4bfdcf26
parent 7adf6980df 94aed3f389
1 changed files with 21 additions and 7 deletions
--- a/2018/5xxx/CVE-2018-5387.json
+++ b/2018/5xxx/CVE-2018-5387.json
@ -1,9 +1,9 @@
 {
    "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
+        "DATE_PUBLIC": "2018-02-27T00:00:00.000Z",
        "ID": "CVE-2018-5387",
-        "STATE": "PUBLIC",
-        "TITLE": "Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers"
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
@ -16,8 +16,9 @@
                                "version": {
                                    "version_data": [
                                        {
-                                            "affected": "?",
-                                            "version_value": "N/A"
+                                            "affected": "{}",
+                                            "version_affected": "<",
+                                            "version_value": "1.2.7"
                                        }
                                    ]
                                }
@ -40,13 +41,16 @@
            }
        ]
    },
+    "generator": {
+        "engine": "Vulnogram 0.0.9"
+    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
-                        "value": "CWE-287"
+                        "value": "CWE-287 Improper Authentication"
                    }
                ]
            }
@ -60,13 +64,23 @@
                "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
            },
            {
-                "name": "VU#475445",
+                "name": "https://www.kb.cert.org/vuls/id/475445",
                "refsource": "CERT-VN",
                "url": "https://www.kb.cert.org/vuls/id/475445"
+            },
+            {
+                "name": "https://github.com/GoGentoOSS/SAMLBase/issues/3",
+                "refsource": "CONFIRM",
+                "url": "https://github.com/GoGentoOSS/SAMLBase/issues/3"
+            },
+            {
+                "name": "https://github.com/GoGentoOSS/SAMLBase/commit/482cdf8c090e0f1179073034ebcb609ac7c3f5b3",
+                "refsource": "CONFIRM",
+                "url": "https://github.com/GoGentoOSS/SAMLBase/commit/482cdf8c090e0f1179073034ebcb609ac7c3f5b3"
            }
        ]
    },
    "source": {
        "discovery": "UNKNOWN"
    }
-}
+}