Search for packages
| purl | pkg:gem/ruby-saml@0.0.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3m5h-69jv-uyhs
Aliases: CVE-2025-66568 GHSA-x4h9-gwv3-r4m4 |
The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrapping attack. When libxml2’s canonicalization is invoked on an invalid XML input, it may return an empty string rather than a canonicalized node. ruby-saml then proceeds to compute the DigestValue over this empty string, treating it as if canonicalization succeeded. This issue is fixed in version 1.18.0. |
Affected by 1 other vulnerability. |
|
VCID-7x2a-5su3-6bgx
Aliases: OSVDB-124991 |
XPath Injection Vulnerability The gem is vulnerable to XPath injection on xml_security.rb. The lack of prepared statements allows for command injection, leading to arbitrary code execution. |
Affected by 9 other vulnerabilities. |
|
VCID-dwax-f22f-5ybj
Aliases: CVE-2025-54572 GHSA-rrqh-93c8-j966 |
The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the message_max_bytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64 format prior to checking the message size, leading to potential resource exhaustion. This is fixed in version 1.18.1. |
Affected by 0 other vulnerabilities. |
|
VCID-ezvv-kjum-jkdd
Aliases: CVE-2015-20108 GHSA-r364-2pj4-pf7f OSV-124991 |
xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used. |
Affected by 9 other vulnerabilities. |
|
VCID-ffet-nnc7-k3ca
Aliases: CVE-2024-45409 GHSA-jw9c-mfg7-9rx2 |
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3. |
Affected by 6 other vulnerabilities. Affected by 6 other vulnerabilities. |
|
VCID-fxzr-8eyk-y3d3
Aliases: CVE-2025-25292 GHSA-754f-8gm6-c4r2 |
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 contain a patch for the issue. |
Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-gxzu-fv72-5ydg
Aliases: CVE-2025-25293 GHSA-92rq-c8cf-prrq |
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Prior to versions 1.12.4 and 1.18.0, ruby-saml is susceptible to remote Denial of Service (DoS) with compressed SAML responses. ruby-saml uses zlib to decompress SAML responses in case they're compressed. It is possible to bypass the message size check with a compressed assertion since the message size is checked before inflation and not after. This issue may lead to remote Denial of Service (DoS). Versions 1.12.4 and 1.18.0 fix the issue. |
Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-hbeg-7f9g-pqe2
Aliases: OSVDB-124383 |
XXE vulnerability The gem is vulnerable to external entity expansion attacks. |
Affected by 9 other vulnerabilities. |
|
VCID-psrx-7yk1-4kce
Aliases: CVE-2016-5697 GHSA-36p7-xjw8-h6f2 |
Ruby-saml allows attackers to perform XML signature wrapping attacks |
Affected by 8 other vulnerabilities. |
|
VCID-radx-unvy-ubaq
Aliases: CVE-2025-25291 GHSA-4vc4-m8qh-g8jm |
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue. |
Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-rxn8-pfdu-uqd3
Aliases: CVE-2025-66567 GHSA-9v8j-x534-2fx3 |
The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entirely different document structures from the same input. This allows an attacker to execute a Signature Wrapping attack. This issue is fixed in version 1.18.0. |
Affected by 1 other vulnerability. |
|
VCID-wt4d-at2x-5yhp
Aliases: OSVDB-117903 |
Arbitrary code execution The gem contains a flaw that is triggered as the URI value of a SAML response is not properly sanitized through a prepared statement. This may allow a remote attacker to execute arbitrary shell commands on the host machine. |
Affected by 12 other vulnerabilities. |
|
VCID-yh1m-wtu8-6bgc
Aliases: CVE-2017-11428 GHSA-x2fr-v8wf-8wwv |
Ruby-SAML Improper Authentication vulnerability |
Affected by 7 other vulnerabilities. Affected by 7 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||