RubyGems package
ruby-saml
pkg:gem/ruby-saml
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-66568 | — | — | — | < 1.18.0 | 1.18.0 | Dec 9, 2025 | The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a |
| CVE-2025-66567 | — | — | — | < 1.18.0 | 1.18.0 | Dec 9, 2025 | The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entire |
| CVE-2025-54572 | Medium | — | — | < 1.18.1 | 1.18.1 | Jul 30, 2025 | The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the message_max_bytesize setting configured. The vulnerability occurs because the SAML response is vali |
| CVE-2025-25292 | — | — | — | >= 1.13.0, < 1.18.0 | 1.18.0 | Mar 12, 2025 | ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can ge |
| CVE-2025-25291 | — | — | — | < 1.12.4 | 1.12.4 | Mar 12, 2025 | ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can ge |
| CVE-2025-25293 | — | — | — | < 1.12.4 | 1.12.4 | Mar 12, 2025 | ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Prior to versions 1.12.4 and 1.18.0, ruby-saml is susceptible to remote Denial of Service (DoS) with compressed SAML responses. ruby-saml uses zlib to decompress SAML responses in case the |
| CVE-2024-45409 | — | — | — | < 1.12.3 | 1.12.3 | Sep 10, 2024 | The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forg |
| CVE-2015-20108 | — | — | — | < 1.0.0 | 1.0.0 | May 27, 2023 | xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used. |
| CVE-2017-11428 | — | — | — | < 1.7.0 | 1.7.0 | Apr 17, 2019 | OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypa |
| CVE-2016-5697 | High | 7.5 | — | < 1.3.0 | 1.3.0 | Jan 23, 2017 | Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors. |