{"vulnerability": "CVE-2022-39299", "sightings": [{"uuid": "b751a7d3-4556-4c75-828f-34aff4e800ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39299", "type": "seen", "source": "https://t.me/arpsyndicate/2660", "content": "#ExploitObserverAlert\n\nCVE-2022-39299\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-39299. Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to passport-saml version 3.2.2 or newer. The issue was also present in the beta releases of `node-saml` before version 4.0.0-beta.5. If you cannot upgrade, disabling SAML authentication may be done as a workaround.\n\nFIRST-EPSS: 0.007470000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2024-01-08T17:25:59.000000Z"}, {"uuid": "0427d2c8-097d-4679-832b-7d26a027abe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39299", "type": "seen", "source": "https://t.me/cibsecurity/52483", "content": "\u203c CVE-2022-39353 \u203c\n\nxmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the `childNodes` collection of the `Document`, without reporting any error or throwing. This breaks the assumption that there is only a single root node in the tree, which led to issuance of CVE-2022-39299 as it is a potential issue for dependents. Update to @xmldom/xmldom@~0.7.7, @xmldom/xmldom@~0.8.4 (dist-tag latest) or @xmldom/xmldom@>=0.9.0-beta.4 (dist-tag next). As a workaround, please one of the following approaches depending on your use case: instead of searching for elements in the whole DOM, only search in the `documentElement`or reject a document with a document that has more then 1 `childNode`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T19:19:48.000000Z"}, {"uuid": "b6b7a877-683e-4acd-92dd-ba74d9dcf970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39299", "type": "published-proof-of-concept", "source": "Telegram/xcGRNH_EwORElMZ3bAgEoqPH6J5Y6svZZQkqCrYpVnROx_w", "content": "", "creation_timestamp": "2025-03-30T11:00:06.000000Z"}]}