Added >= 1.10.5, < 2.0.0 to CVE-2024-45409 and GHSA-cvp8-5r8g-fhvq (#814).

postmodern · postmodern · commit ba2f9848a1ba · 2024-09-20T11:47:45.000-07:00
diff --git a/gems/omniauth-saml/CVE-2024-45409.yml b/gems/omniauth-saml/CVE-2024-45409.yml
@@ -12,4 +12,5 @@ description: |
   the vulnerable system.
 cvss_v3: 10.0
 patched_versions:
+  - ">= 1.10.5, < 2.0.0"
   - ">= 2.2.0"
diff --git a/gems/omniauth-saml/GHSA-cvp8-5r8g-fhvq.yml b/gems/omniauth-saml/GHSA-cvp8-5r8g-fhvq.yml
@@ -14,6 +14,7 @@ description: |
   by upgrading ruby-saml to the patched versions v1.17.
 cvss_v3: 10.0
 patched_versions:
+  - ">= 1.10.5, < 2.0.0"
   - ">= 2.1.1"
 related:
   ghsa:
