{"vulnerability": "cve-2024-4540", "sightings": [{"uuid": "879d94f1-586e-4e1a-b32b-3c603fe1ad94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-45409", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/113481188117795687", "content": "", "creation_timestamp": "2024-11-14T11:58:32.476799Z"}, {"uuid": "b97b68eb-39fd-4eb8-a24f-f245c0f4e21f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/", "content": "", "creation_timestamp": "2025-03-12T20:07:18.000000Z"}, {"uuid": "4a6c413d-00f7-46d2-a06c-8f8a668e4f07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-3a724099-4cfda0cf930ac63d", "content": "", "creation_timestamp": "2025-06-26T21:59:48.963092Z"}, {"uuid": "e642223b-913e-4200-afc8-11cb149486a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114144084637484568", "content": "", "creation_timestamp": "2025-03-11T13:41:51.171141Z"}, {"uuid": "fbaa255e-00b1-4401-acc5-378e06fb8629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1377", "content": "", "creation_timestamp": "2024-09-19T04:00:00.000000Z"}, {"uuid": "ce6f0b20-8a16-4934-9dc8-e848cb421cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8695", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRuby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit\nURL\uff1ahttps://github.com/synacktiv/CVE-2024-45409\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-07T11:59:22.000000Z"}, {"uuid": "18304aba-b844-43e3-a778-d818117866ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/788f36f8-de85-4779-b4e3-6815a156b903", "content": "", "creation_timestamp": "2025-03-13T05:57:30.908420Z"}, {"uuid": "dd5119c1-4b67-466a-a9ee-21d44a054d06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8697", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRuby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit\nURL\uff1ahttps://github.com/UwUtisum/CVE-2024-46310\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-07T13:11:38.000000Z"}, {"uuid": "447acc7d-49a2-49b6-9ca6-05e9eb0df405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/HackingInsights/13399", "content": "\u200aGitLab Releases Critical Security Patch for CVE-2024-45409 (CVSS 10) Vulnerability\n\nhttps://securityonline.info/gitlab-releases-critical-security-patch-for-cve-2024-45409-vulnerability/", "creation_timestamp": "2024-09-18T09:07:12.000000Z"}, {"uuid": "8c13c312-9918-4399-9e41-059553d9f1ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/itsec_news/4729", "content": "\u200b\u26a1\ufe0f\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 GitLab: \u0432\u0445\u043e\u0434 \u0431\u0435\u0437 \u043f\u0430\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043a\u0430\u0436\u0434\u043e\u043c\u0443 \u0445\u0430\u043a\u0435\u0440\u0443\n\n\ud83d\udcac GitLab \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u0434\u0430\u043a\u0446\u0438\u044f\u0445 Community Edition (CE) \u0438 Enterprise Edition (EE), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u043e\u0439 ruby-saml ( CVE-2024-45409, \u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS: 10.0), \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043e\u0439\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043f\u043e\u0434 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 SAML-\u043e\u0442\u0432\u0435\u0442\u0430. SAML (Security Assertion Markup Language) \u2014 \u044d\u0442\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0434\u0438\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (SSO) \u0438 \u043e\u0431\u043c\u0435\u043d \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043c\u0435\u0436\u0434\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0438 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u0430\u043c\u0438.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439, \u043e\u0431\u043b\u0430\u0434\u0430\u044e\u0449\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u043c SAML-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c SAML-\u043e\u0442\u0432\u0435\u0442 \u0441 \u0430\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e \u043b\u044e\u0431\u044b\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c. \u042d\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043f\u043e\u0434 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 omniauth-saml, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.2.1 \u0441 \u0446\u0435\u043b\u044c\u044e \u043c\u043e\u0434\u0435\u0440\u043d\u0438\u0437\u0430\u0446\u0438\u0438 ruby-saml \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.17.0. \u041f\u0430\u0442\u0447\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 GitLab 17.3.3, 17.2.7, 17.1.8, 17.0.8 \u0438 16.11.10.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043c\u0435\u0440 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u043e\u0441\u0442\u0438 GitLab \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u0432\u0443\u0445\u0444\u0430\u043a\u0442\u043e\u0440\u043d\u0443\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e (2FA) \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 2FA \u0447\u0435\u0440\u0435\u0437 SAML.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c GitLab.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0443\u0434\u0443\u0442 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u043b\u043e\u0433\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0441\u043e\u0431\u044b\u0442\u0438\u044f\u043c\u0438 SAML, \u043a\u043e\u0433\u0434\u0430 \u043a\u0430\u043a \u043d\u0435\u0443\u0434\u0430\u0447\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0438 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 RubySaml.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-09-19T16:55:25.000000Z"}, {"uuid": "06b8859e-c00b-447d-b78c-c97a95633f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45408", "type": "seen", "source": "https://t.me/cvedetector/6756", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45408 - eLabFTW Information Disclosure Permission Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-45408 \nPublished : Oct. 1, 2024, 3:15 p.m. | 21\u00a0minutes ago \nDescription : eLabFTW is an open source electronic lab notebook for research labs. An incorrect permission check has been found that could allow an authenticated user to access several kinds of otherwise restricted information. If anonymous access is allowed (something disabled by default), this extends to anyone. Users are advised to upgrade to at least version 5.1.0.  System administrators can disable anonymous access in the System configuration panel. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-01T17:45:46.000000Z"}, {"uuid": "5c3c91bc-839e-4e44-9509-264c881ee5ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/225", "content": "Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409)\n\n\ud83d\udc64 by Harsh Jaiswal & Rahul Maini\n\nIn this blog post, authors will analyze CVE-2024-45409, a critical vulnerability impacting Ruby-SAML, OmniAuth-SAML libraries, which effectively affects GitLab.\n\nThis vulnerability allows an attacker to bypass SAML authentication mechanisms and gain unauthorized access by exploiting a flaw in how SAML responses are handled. The issue arises due to weaknesses in the verification of the digital signature used to protect SAML assertions, allowing attackers to manipulate the SAML response and bypass critical security checks.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction\n\u25cf SAML Message Verification\n    \u2022 How SAML Signatures Work?\n    \u2022 How digest and signature ensure integrity?\n\u25cf Ruby-SAML Bypass\n    \u2022 Bypassing Signature Validation\n\u25cf Conclusion\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass/", "creation_timestamp": "2024-10-07T08:32:31.000000Z"}, {"uuid": "0b5d9f22-8c71-4738-b3eb-0eb9b6121f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/itsec_news/5499", "content": "\u200b\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 ruby-saml \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e: \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\n\n\ud83d\udcac \u0412 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 ruby-saml, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c Security Assertion Markup Language (SAML), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u042d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\nSAML \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043c\u0435\u0436\u0434\u0443 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0435\u0434\u0438\u043d\u043e\u0436\u0434\u044b \u0432\u0445\u043e\u0434\u0438\u0442\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 (SSO) \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0431\u0435\u0437 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0433\u043e \u0432\u0432\u043e\u0434\u0430 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u043a\u043e\u0434\u0435 ruby-saml \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043e\u0448\u0438\u0431\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u043e\u0434\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0414\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b CVE-2025-25291 \u0438 CVE-2025-25292 , \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS \u2014 8.8 \u0438\u0437 10. \u041e\u043d\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u043c\u043b\u0430\u0434\u0448\u0435 1.12.4, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 1.13.0 \u0434\u043e 1.18.0 (\u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e).\n\n\u041f\u0440\u0438\u0447\u0438\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u0438\u044f\u0445 \u043c\u0435\u0436\u0434\u0443 \u043f\u0430\u0440\u0441\u0435\u0440\u0430\u043c\u0438 XML REXML \u0438 Nokogiri, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e-\u0440\u0430\u0437\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0438\u0440\u0443\u044e\u0442 \u043e\u0434\u0438\u043d \u0438 \u0442\u043e\u0442 \u0436\u0435 XML-\u043a\u043e\u0434. \u042d\u0442\u043e \u0440\u0430\u0441\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 Signature Wrapping, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u043b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 GitHub \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u044d\u0442\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0437\u0430\u0445\u0432\u0430\u0442\u0443 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435, \u043e\u0431\u043b\u0430\u0434\u0430\u044f \u043e\u0434\u043d\u043e\u0439 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u044c\u044e, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043b\u044e\u0447\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 SAML-\u043e\u0442\u0432\u0435\u0442\u043e\u0432 \u0438\u043b\u0438 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0439, \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c SAML-\u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043b\u044e\u0431\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 1.12.4 \u0438 1.18.0 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0451 \u043e\u0434\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 ( CVE-2025-25293 , CVSS 7.7), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0442\u043a\u0430\u0437\u043e\u043c \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS). \u041e\u043d\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u0436\u0430\u0442\u044b\u0445 SAML-\u043e\u0442\u0432\u0435\u0442\u043e\u0432 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0434\u0435\u0441\u0442\u0430\u0431\u0438\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432.\n\n\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 GitHub \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043a\u043e\u0440\u0435\u043d\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u2014 \u043d\u0435\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0435 \u043c\u0435\u0436\u0434\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0445\u0435\u0448\u0430 \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u0438, \u0447\u0442\u043e \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0440\u0430\u0437\u043d\u0438\u0446\u0443 \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 XML-\u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c ruby-saml \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0440\u0438\u0441\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0420\u0430\u043d\u0435\u0435, \u0432 2024 \u0433\u043e\u0434\u0443, GitLab \u0438 ruby-saml \u0443\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 ( CVE-2024-45409 , CVSS 10.0), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-15T14:47:01.000000Z"}, {"uuid": "3da005c7-6a9a-4d0f-b9a0-43662ae35770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45402", "type": "seen", "source": "https://t.me/cvedetector/7689", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45402 - Picotls TLS Free Double-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45402 \nPublished : Oct. 11, 2024, 3:15 p.m. | 31\u00a0minutes ago \nDescription : Picotls is a TLS protocol library that allows users select different crypto backends based on their use case. When parsing a spoofed TLS handshake message, picotls (specifically, bindings within picotls that call the crypto libraries) may attempt to free the same memory twice. This double free occurs during the disposal of multiple objects without any intervening calls to malloc Typically, this triggers the malloc implementation to detect the error and abort the process. However, depending on the internals of malloc and the crypto backend being used, the flaw could potentially lead to a use-after-free scenario, which might allow for arbitrary code execution. The vulnerability is addressed with commit 9b88159ce763d680e4a13b6e8f3171ae923a535d. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T17:51:55.000000Z"}, {"uuid": "b2b3a5a6-f96a-4736-933f-fd32c40ac148", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45403", "type": "seen", "source": "https://t.me/cvedetector/7683", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45403 - H2O HTTP Server HTTP/3 Denial-of-Service Crash Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45403 \nPublished : Oct. 11, 2024, 3:15 p.m. | 31\u00a0minutes ago \nDescription : h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, the h2o standalone server automatically restarts, minimizing the impact. However, HTTP requests that were served concurrently will still be disrupted. The vulnerability has been addressed in commit 1ed32b2. Users may disable the use of HTTP/3 to mitigate the issue. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T17:51:33.000000Z"}, {"uuid": "349adf6a-06a8-48f3-a28a-b60b7940963c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45407", "type": "seen", "source": "https://t.me/cvedetector/5268", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45407 - Moonlight Sunshine Cross-Site Request Forgery (CSRF)\", \n  \"Content\": \"CVE ID : CVE-2024-45407 \nPublished : Sept. 10, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Sunshine is a self-hosted game stream host for Moonlight. Clients that experience a MITM attack during the pairing process may inadvertantly allow access to an unintended client rather than failing authentication due to a PIN validation error. The pairing attempt fails due to the incorrect PIN, but the certificate from the forged pairing attempt is incorrectly persisted prior to the completion of the pairing request. This allows access to the certificate belonging to the attacker. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T19:15:51.000000Z"}, {"uuid": "d06fc0d6-604e-4cef-ba73-3f612527a4a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/cvedetector/5296", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45409 - Ruby-SAML SAML Response Forgery Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45409 \nPublished : Sept. 10, 2024, 7:15 p.m. | 23\u00a0minutes ago \nDescription : The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in Severity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T21:46:54.000000Z"}, {"uuid": "6aa0fcae-40a6-442a-9228-e98d4fb5a11c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45405", "type": "seen", "source": "https://t.me/cvedetector/4960", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45405 - Gitoxide Gix-Path Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45405 \nPublished : Sept. 6, 2024, 1:15 p.m. | 23\u00a0minutes ago \nDescription : `gix-path` is a crate of the `gitoxide` project (an implementation of `git` written in Rust) dealing paths and their conversions. Prior to version 0.10.11, `gix-path` runs `git` to find the path of a configuration file associated with the `git` installation, but improperly resolves paths containing unusual or non-ASCII characters, in rare cases enabling a local attacker to inject configuration leading to code execution. Version 0.10.11 contains a patch for the issue.  \n  \nIn `gix_path::env`, the underlying implementation of the `installation_config` and `installation_config_prefix` functions calls `git config -l --show-origin` to find the path of a file to treat as belonging to the `git` installation. Affected versions of `gix-path` do not pass `-z`/`--null` to cause `git` to report literal paths. Instead, to cover the occasional case that `git` outputs a quoted path, they attempt to parse the path by stripping the quotation marks. The problem is that, when a path is quoted, it may change in substantial ways beyond the concatenation of quotation marks. If not reversed, these changes can result in another valid path that is not equivalent to the original.  \n  \nOn a single-user system, it is not possible to exploit this, unless `GIT_CONFIG_SYSTEM` and `GIT_CONFIG_GLOBAL` have been set to unusual values or Git has been installed in an unusual way. Such a scenario is not expected. Exploitation is unlikely even on a multi-user system, though it is plausible in some uncommon configurations or use cases. In general, exploitation is more likely to succeed if users are expected to install `git` themselves, and are likely to do so in predictable locations; locations where `git` is installed, whether due to usernames in their paths or otherwise, contain characters that `git` quotes by default in paths, such as non-English letters and accented letters; a custom `system`-scope configuration file is specified with the `GIT_CONFIG_SYSTEM` environment variable, and its path is in an unusual location or has strangely named components; or a `system`-scope configuration file is absent, empty, or suppressed by means other than `GIT_CONFIG_NOSYSTEM`. Currently, `gix-path` can treat a `global`-scope configuration file as belonging to the installation if no higher scope configuration file is available. This increases the likelihood of exploitation even on a system where `git` is installed system-wide in an ordinary way. However, exploitation is expected to be very difficult even under any combination of those factors. \nSeverity: 6.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-06T15:45:58.000000Z"}, {"uuid": "c860cd5f-6015-4f0d-ad22-90d84d1d56fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45401", "type": "seen", "source": "https://t.me/cvedetector/4936", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45401 - Stripe-cli Plugin Package Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45401 \nPublished : Sept. 5, 2024, 6:15 p.m. | 37\u00a0minutes ago \nDescription : stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags can overwrite arbitrary files. The update in version 1.21.3 addresses the path traversal vulnerability by removing the ability to install plugins from an archive URL or path. There has been no evidence of exploitation of this vulnerability. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-05T21:23:17.000000Z"}, {"uuid": "0769ec79-4236-4a33-99bf-5dcaed6b71b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45400", "type": "seen", "source": "https://t.me/cvedetector/4944", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45400 - CKEditor Plugin OpenLink Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-45400 \nPublished : Sept. 6, 2024, 12:15 a.m. | 39\u00a0minutes ago \nDescription : ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix is available starting with version 1.0.7. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-06T03:14:02.000000Z"}, {"uuid": "b1a8c54d-5f11-4609-9c4c-9a51ab35b608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45406", "type": "seen", "source": "https://t.me/cvedetector/5116", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45406 - Craft CMS Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45406 \nPublished : Sept. 9, 2024, 5:15 p.m. | 31\u00a0minutes ago \nDescription : Craft is a content management system (CMS). Craft CMS 5 stored XSS can be triggered by the breadcrumb list and title fields with user input. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-09T19:49:52.000000Z"}, {"uuid": "a2a88637-14e4-4d10-89af-ca3d6d045b63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "exploited", "source": "https://t.me/cibsecurity/80327", "content": "\ud83e\udd85 Active Exploitation of SAML Vulnerability CVE-2024-45409 Detected by Cyble Sensors \ud83e\udd85\n\n  Overview   On September 10, 2024, a critical vulnerability, CVE202445409, was identified by ahacker1 of SecureSAML. The vulnerability was then patched in the RubySAML library, which is widely used for implementing SAML Security Assertion Markup Language authorization.   This flaw affects RubySAML versions up to 1.12.2 and between 1.13.0 and 1.16.0 and stems from an incorrect XPath selector that prevents the proper verification of the SAML Response signature. An unauthenticated attacker with access to a signed SAML document from a legitimate identity provider IdP can exploit this vulnerability by forging a SAML Response or Assertion. This allows the attacker to bypass the authentication mechanism and potentially gain unauthorized access to sensitive data and critical systems.   SAML is...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-10-15T16:49:25.000000Z"}, {"uuid": "be49bb6d-2e76-4c08-ab3a-5a751763fc54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/CyberBulletin/1094", "content": "\u26a1\ufe0fResearchers Detail Ruby-SAML/GitLab Flaw (CVE-2024-45409) Allows SAML Authentication Bypass.\n\n#CyberBulletin", "creation_timestamp": "2024-10-07T13:14:46.000000Z"}, {"uuid": "1f155c7f-1eee-40aa-ad4e-1917a53d38b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "Telegram/U5krsCFAD4UjFGcsQIcWDcn8h_xa_JLp5Ief53reXXQZpA", "content": "", "creation_timestamp": "2024-09-19T11:13:09.000000Z"}, {"uuid": "b5d249bc-7f12-423c-a460-f90d2099d7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/15374", "content": "\u200aResearchers Detail Ruby-SAML/GitLab Flaw (CVE-2024-45409) Allows SAML Authentication Bypass\n\nhttps://securityonline.info/researchers-detail-ruby-saml-gitlab-flaw-cve-2024-45409-allows-saml-authentication-bypass/", "creation_timestamp": "2024-10-08T03:27:19.000000Z"}, {"uuid": "f7829c7b-e2e0-4dfc-89eb-7cab85b3e3b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/ton618cyber/5262", "content": "#exploit\n1. CVE-2024-45409:\nRuby-SAML/GitLab Authentication Bypass\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200:\nMario Kart 8 Deluxe's \"KartLANPwn\" BoF\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n// CVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709", "creation_timestamp": "2024-10-08T16:16:09.000000Z"}, {"uuid": "d806dbc4-a5c1-4c41-bc55-f2af93f04216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/IntrusionExploit/310", "content": "\ud83d\udd12 GitLab releases security updates to fix a critical SAML authentication vulnerability affecting self-managed installations of GitLab Community Edition (CE) and Enterprise Edition (EE).\n\ud83d\uded1 Vulnerability: CVE-2024-45409\nThe vulnerability resides in the OmniAuth-SAML and Ruby-SAML libraries. An attacker can craft a malicious SAML response to bypass authentication, causing GitLab to mistake them for an authenticated user.\n\ud83d\udcc5 Affected versions:\nGitLab 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10, and all earlier versions.\n\u2705 Solution:\nUpdate to GitLab versions 17.3.3, 17.2.7, 17.1.8, 17.0.8, or 16.11.10, where OmniAuth SAML has been upgraded to version 2.2.1 and Ruby-SAML to 1.17.0.\n\nNote: Users on GitLab.com do not need to take any action as this issue only affects self-managed installations.\n\nIf you cannot upgrade now, enable two-factor authentication (2FA) for all accounts and set the SAML 2FA bypass option to \"disable.\"\n\n\ud83d\udc49 Make sure your system is secure!", "creation_timestamp": "2024-09-23T17:23:00.000000Z"}, {"uuid": "2a75d364-760c-4cc9-8e82-4b89363a258f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/12851", "content": "\u200aCVE-2024-45409 (CVSS 10): Critical Ruby-SAML Flaw Leaves User Accounts Exposed\n\nhttps://securityonline.info/cve-2024-45409-cvss-10-critical-ruby-saml-flaw-leaves-user-accounts-exposed/", "creation_timestamp": "2024-09-12T10:08:54.000000Z"}, {"uuid": "0f60951f-4cc6-4a55-aa13-1585052a1c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/15251", "content": "\u200aRuby-SAML / GitLab Authentication Bypass (CVE-2024-45409)\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass/", "creation_timestamp": "2024-10-05T17:00:37.000000Z"}, {"uuid": "b1988619-9e85-44e2-9312-7e3daf12997e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/CyberDilara/1055", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:00.000000Z"}, {"uuid": "618aade4-edcf-4df1-b7d3-55b2d8340db5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/20667", "content": "The Hacker News\nGitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions\n\nGitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.\nThe vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week.\nThe", "creation_timestamp": "2024-09-19T11:13:09.000000Z"}, {"uuid": "f44a6764-1f99-4946-95ae-e97a2dd90082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "Telegram/HjcUvy_hO-Bvmzj7aR643XxN1B-_KeDLy7sdXVcl1Ft_Eg", "content": "", "creation_timestamp": "2024-09-19T10:06:27.000000Z"}, {"uuid": "debbe8b5-de5d-4332-97b0-046f1e86f5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/4267", "content": "The Hacker News\nGitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions\n\nGitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.\nThe vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week.\nThe", "creation_timestamp": "2024-09-19T11:13:09.000000Z"}, {"uuid": "41504f15-bf15-44e0-b795-432ef921f560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/GrayHatsHack/8873", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:05.000000Z"}, {"uuid": "0d95d93f-162d-48ce-82fa-f6b5ab985ec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/KomunitiSiber/2591", "content": "GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions\nhttps://thehackernews.com/2024/09/gitlab-patches-critical-saml.html\n\nGitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.\nThe vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week.\nThe", "creation_timestamp": "2024-09-19T12:32:34.000000Z"}, {"uuid": "443d7657-7220-4a96-b0de-1acc26620511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/dilagrafie/3789", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:18.000000Z"}, {"uuid": "fb562bf8-247c-4c5c-8c7b-c8a2393b5b4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/InfoSecInsider/24061", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:11.000000Z"}, {"uuid": "a6966ba8-4178-4bf0-b80f-f2287cfb9c60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2295", "content": "CVE-2024-45409\n*\nGitLab - SAML Authentication Bypass\n*\n\u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c, \u043d\u043e \u0432\u0441\u0435 \u0436\u0435.\n\u041f\u0440\u043e\u0446\u0435\u0441\u0441 \u0432\u043e\u0440\u043e\u0432\u0430\u043d\u0438\u044f cookie +  nuclei template\n*\nid: CVE-2024-45409\n\nnuclei template", "creation_timestamp": "2024-10-05T08:36:42.000000Z"}, {"uuid": "ba5b69ee-c1f2-4881-9b3f-7525cafd8576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/Securi3yTalent/192", "content": "Checkout our new blogpost! In this post we talk about SAML and the recent Ruby-SAML Auth bypass.\n\nCVE-2024-45409: Ruby-SAML Auth Bypass in GitLab\n\nBlog: https://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass/\n\nFollow us__\n[\u00d7] https://t.me/Securi3yTalent\n[\u00d7] https://x.com/Securi3yTalent\n[\u00d7] https://facebook.com/Securi3ytalent", "creation_timestamp": "2024-10-07T10:09:23.000000Z"}, {"uuid": "072cdc2c-89f4-4a18-8b20-5ec30f78004c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/GrayHatsHack/7509", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:05.000000Z"}, {"uuid": "e2bea0e0-74fc-4e8d-b5b0-2a63c2c039fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "exploited", "source": "https://t.me/true_secator/6222", "content": "GitLab \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 SAML, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u0439 \u043d\u0430 \u0441\u0430\u043c\u043e\u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 GitLab Community Edition (CE) \u0438 Enterprise Edition (EE).\n\nSecurity Assertion Markup Language (SAML) - \u044d\u0442\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441 \u0435\u0434\u0438\u043d\u044b\u043c \u0432\u0445\u043e\u0434\u043e\u043c (SSO), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u0445\u043e\u0434\u0438\u0442\u044c \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043e\u0434\u043d\u0438 \u0438 \u0442\u0435 \u0436\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435.\n\nCVE-2024-45409 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430\u0445 OmniAuth-SAML \u0438 Ruby-SAML, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 GitLab \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 SAML.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442, \u043a\u043e\u0433\u0434\u0430 \u043e\u0442\u0432\u0435\u0442 SAML, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u043c \u0443\u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u0435\u043d\u0438\u0439 (IdP) \u0432 GitLab, \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043d\u0435\u0432\u0435\u0440\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0438\u043b\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442\u0441\u044f \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u044f\u043c.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f\u0445 SAML, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a extern_uid (\u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043e\u0442\u0432\u0435\u0442 SAML, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442 GitLab \u0440\u0430\u0441\u043f\u043e\u0437\u043d\u0430\u0442\u044c \u0435\u0433\u043e \u043a\u0430\u043a \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e SAML \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0443 GitLab.\n\nCVE-2024-45409 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 GitLab 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10 \u0438 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 \u044d\u0442\u0438\u0445 \u0432\u0435\u0442\u043e\u043a. \n\n\u0423\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 GitLab 17.3.3, 17.2.7, 17.1.8, 17.0.8 \u0438 16.11.10, \u0433\u0434\u0435 OmniAuth SAML \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.2.1, \u0430 Ruby-SAML \u2014 \u0434\u043e 1.17.0.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0441\u0435 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 GitLab \u043d\u0430 GitLab.com \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438.\n\n\u0422\u0435\u043c, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e, GitLab \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c 2FA \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u043e\u0431\u0445\u043e\u0434\u0430 SAML 2FA \u043d\u0430 \u00ab\u043d\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0442\u044c\u00bb.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c GitLab \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u0442\u0430\u043a\u0436\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0443\u0435\u0442 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445:\n\n- \u041e\u0448\u0438\u0431\u043a\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 RubySaml::ValidationError (\u043d\u0435\u0443\u0434\u0430\u0447\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438).\n- \u041d\u043e\u0432\u044b\u0435 \u0438\u043b\u0438 \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f extern_uid \u0432 \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u0445 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (\u0443\u0441\u043f\u0435\u0448\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438).\n- \u041e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0438\u043b\u0438 \u043d\u0435\u0432\u0435\u0440\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0432 \u043e\u0442\u0432\u0435\u0442\u0430\u0445 SAML.\n- \u041d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 extern_uid \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f (\u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044e \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438).\n- \u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f SAML \u0441 \u043d\u0435\u0437\u043d\u0430\u043a\u043e\u043c\u043e\u0433\u043e \u0438\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u043e\u0431\u044b\u0447\u043d\u044b\u043c\u0438 \u0441\u0445\u0435\u043c\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.", "creation_timestamp": "2024-09-19T12:17:55.000000Z"}, {"uuid": "849ec9b0-1aa9-4bca-b6d3-27939b086209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/thebugbountyhunter/9322", "content": "Ruby SAML CVE-2024-45409: As bad as it gets and hiding in plain sight \u2014 WorkOS\n\nhttps://workos.com/blog/ruby-saml-cve-2024-45409", "creation_timestamp": "2024-11-13T13:54:44.000000Z"}, {"uuid": "6a4f1591-8a4f-42d4-9444-0ea338e27670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/CyberBulletin/26004", "content": "\u26a1\ufe0fResearchers Detail Ruby-SAML/GitLab Flaw (CVE-2024-45409) Allows SAML Authentication Bypass.\n\n#CyberBulletin", "creation_timestamp": "2024-10-07T13:14:45.000000Z"}, {"uuid": "7062380b-56bf-4be1-aece-83b88cfc5f98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3287", "content": "https://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\nRuby-SAML / GitLab Authentication Bypass (CVE-2024-45409)\n#\u5206\u6790", "creation_timestamp": "2024-10-07T06:24:32.000000Z"}, {"uuid": "e179d0be-28de-414a-b8b9-b77a0bebd3a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9200", "content": "Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409)\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass/", "creation_timestamp": "2024-10-05T10:39:30.000000Z"}, {"uuid": "4e892563-8c9d-40d5-9f4f-44eb69202d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45405", "type": "published-proof-of-concept", "source": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-m8rp-vv92-46c7", "content": "", "creation_timestamp": "2024-09-06T05:50:31.000000Z"}, {"uuid": "33a9c530-e3ed-4cbb-83fa-a87f555b5197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11240", "content": "#exploit\n1. CVE-2024-45409:\nRuby-SAML/GitLab Authentication Bypass\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200:\nMario Kart 8 Deluxe's \"KartLANPwn\" BoF\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n// CVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709", "creation_timestamp": "2024-10-06T14:45:15.000000Z"}, {"uuid": "702a2e8f-c612-4043-9941-4cfbbe91c20c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "Telegram/3UY0IzgvZaIH0nYXobECeXCnKq-ftWweeRWNm3sq8QPYZts", "content": "", "creation_timestamp": "2024-10-07T17:53:48.000000Z"}, {"uuid": "c0c213a1-5125-462f-8710-384375176457", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45409", "type": "seen", "source": "https://t.me/InfoSecInsider/492", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:11.000000Z"}, {"uuid": "c2b23315-e448-489c-802d-066901b3ddb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-45406", "type": "published-proof-of-concept", "source": "https://github.com/craftcms/cms/security/advisories/GHSA-28h4-788g-rh42", "content": "", "creation_timestamp": "2024-09-09T16:26:53.000000Z"}]}