mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
32 lines
989 B
JSON
32 lines
989 B
JSON
{
|
|
"id": "CVE-2015-20108",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-05-27T19:15:09.043",
|
|
"lastModified": "2023-05-28T02:28:04.970",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/9853651b96b99653ea8627d757d46bfe62ab6448",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/SAML-Toolkits/ruby-saml/compare/v0.9.2...v1.0.0",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/SAML-Toolkits/ruby-saml/pull/225",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/OSVDB-124991.yml",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |