Package Instance
Look up vulnerable packages by Package URL (purl). Note that a version listed under a vulnerability's fixed_packages fixes only that vulnerability and may itself still be vulnerable — check its is_vulnerable and affected_by_vulnerabilities (for example, ruby-saml 1.12.4 fixes CVE-2025-25292 but is still affected by CVE-2025-66567, the incomplete-fix follow-up). Use next_non_vulnerable_version / latest_non_vulnerable_version as the upgrade target rather than the first listed fix.
GET /api/packages/171686?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/171686?format=api", "purl": "pkg:gem/ruby-saml@0.0.5", "type": "gem", "namespace": "", "name": "ruby-saml", "version": "0.0.5", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.18.1", "latest_non_vulnerable_version": "1.18.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51310?format=api", "vulnerability_id": "VCID-12er-nkhb-5kck", "summary": "Ruby SAML allows a SAML authentication bypass due to namespace handling (parser differential)\n### Summary\nAn authentication bypass vulnerability was found in ruby-saml due to a parser differential.\nReXML and Nokogiri parse XML differently, the parsers can generate entirely\ndifferent document structures from the same XML input. That allows an\nattacker to be able to execute a Signature Wrapping attack.\n\n### Impact\nThis issue may lead to authentication bypass.", "references": [ { "reference_url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-25292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03321", "scoring_system": "epss", "scoring_elements": "0.87519", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03321", "scoring_system": 
"epss", "scoring_elements": "0.87514", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.03321", "scoring_system": "epss", "scoring_elements": "0.87518", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03321", "scoring_system": "epss", "scoring_elements": "0.87526", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.03321", "scoring_system": "epss", "scoring_elements": "0.87516", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-25292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25292" }, { "reference_url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials" }, { "reference_url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { 
"value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": 
"Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-754f-8gm6-c4r2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", 
"scoring_elements": "" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-754f-8gm6-c4r2" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html" }, { "reference_url": "https://news.ycombinator.com/item?id=43374519", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://news.ycombinator.com/item?id=43374519" }, { "reference_url": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": 
"generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-18T14:32:48Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20250314-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20250314-0009" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100441", "reference_id": "1100441", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100441" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25292", "reference_id": "CVE-2025-25292", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": 
"9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25292" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-25292.yml", "reference_id": "CVE-2025-25292.YML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-25292.yml" }, { "reference_url": "https://github.com/advisories/GHSA-754f-8gm6-c4r2", "reference_id": "GHSA-754f-8gm6-c4r2", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-754f-8gm6-c4r2" }, { "reference_url": "https://usn.ubuntu.com/7409-1/", "reference_id": "USN-7409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/84362?format=api", "purl": "pkg:gem/ruby-saml@1.12.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.12.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/72820?format=api", "purl": "pkg:gem/ruby-saml@1.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-w8r1-wnkc-e3hk" } ], "resource_url": 
"http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.18.0" } ], "aliases": [ "CVE-2025-25292", "GHSA-754f-8gm6-c4r2" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-12er-nkhb-5kck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38459?format=api", "vulnerability_id": "VCID-4cuy-qn4h-vkcx", "summary": "The package ruby-saml is vulnerable to an XML signature wrapping attack in the specific scenario where there was a signature that referenced two elements at the same time (but past the scheme validator process since 1 of the element was inside the encrypted assertion).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5697", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62024", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.6207", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62054", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62069", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.6208", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62072", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697" }, { "reference_url": "https://github.com/onelogin/ruby-saml/commit/a571f52171e6bfd87db59822d1d9e8c38fb3b995", "reference_id": "", "reference_type": "", 
"scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/onelogin/ruby-saml/commit/a571f52171e6bfd87db59822d1d9e8c38fb3b995" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2016-5697.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2016-5697.yml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5697", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5697" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/06/24/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/06/24/3" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828076", "reference_id": "828076", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828076" }, { "reference_url": "https://github.com/advisories/GHSA-36p7-xjw8-h6f2", "reference_id": "GHSA-36p7-xjw8-h6f2", "reference_type": "", "scores": [ { 
"value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-36p7-xjw8-h6f2" }, { "reference_url": "https://usn.ubuntu.com/7309-1/", "reference_id": "USN-7309-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7309-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53233?format=api", "purl": "pkg:gem/ruby-saml@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-uhu9-4mv8-nbaf" }, { "vulnerability": "VCID-w1rp-n9ej-ruhv" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.3.0" } ], "aliases": [ "CVE-2016-5697", "GHSA-36p7-xjw8-h6f2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4cuy-qn4h-vkcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49365?format=api", "vulnerability_id": "VCID-7g5d-1wbd-w3ev", "summary": "Ruby-saml has a SAML authentication bypass due to namespace handling (parser differential)\nRuby-saml up to and including 1.12.4, there is an authentication bypass vulnerability because of an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. 
The vulnerability does not affect the version 1.18.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.16133", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.16015", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15993", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.16079", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.16123", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66567" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-09T14:16:33Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66567", "reference_id": "CVE-2025-66567", 
"reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66567" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-66567.yml", "reference_id": "CVE-2025-66567.YML", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-66567.yml" }, { "reference_url": "https://github.com/advisories/GHSA-754f-8gm6-c4r2", "reference_id": "GHSA-754f-8gm6-c4r2", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-09T14:16:33Z/" } ], "url": "https://github.com/advisories/GHSA-754f-8gm6-c4r2" }, { "reference_url": "https://github.com/advisories/GHSA-9v8j-x534-2fx3", "reference_id": "GHSA-9v8j-x534-2fx3", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9v8j-x534-2fx3" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-9v8j-x534-2fx3", "reference_id": "GHSA-9v8j-x534-2fx3", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", 
"scoring_elements": "" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-09T14:16:33Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-9v8j-x534-2fx3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72820?format=api", "purl": "pkg:gem/ruby-saml@1.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-w8r1-wnkc-e3hk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.18.0" } ], "aliases": [ "CVE-2025-66567", "GHSA-9v8j-x534-2fx3" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7g5d-1wbd-w3ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37869?format=api", "vulnerability_id": "VCID-an6g-hdf9-w7dp", "summary": "XXE vulnerability\nThe gem is vulnerable to external entity expansion attacks.", "references": [ { "reference_url": "https://github.com/onelogin/ruby-saml/commit/a2e5318530701bf14528c5b3b51c880b3499a75d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/onelogin/ruby-saml/commit/a2e5318530701bf14528c5b3b51c880b3499a75d" }, { "reference_url": "https://github.com/onelogin/ruby-saml/pull/247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/onelogin/ruby-saml/pull/247" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52257?format=api", "purl": "pkg:gem/ruby-saml@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-4cuy-qn4h-vkcx" }, { "vulnerability": 
"VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-uhu9-4mv8-nbaf" }, { "vulnerability": "VCID-w1rp-n9ej-ruhv" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.0.0" } ], "aliases": [ "OSVDB-124383" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-an6g-hdf9-w7dp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51308?format=api", "vulnerability_id": "VCID-d6a2-bseb-b7fb", "summary": "Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses\n### Summary\nruby-saml is susceptible to remote Denial of Service (DoS) with compressed SAML responses.\n\nRuby-saml uses zlib to decompress SAML responses in case they're compressed.\nIt is possible to bypass the message size check with a compressed assertion\nsince the message size is checked before inflation and not after.\n\n### Impact\nThis issue may lead to remote Denial of Service (DoS).", "references": [ { "reference_url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released" }, { "reference_url": 
"https://api.first.org/data/v1/epss?cve=CVE-2025-25293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06225", "scoring_system": "epss", "scoring_elements": "0.91064", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.06225", "scoring_system": "epss", "scoring_elements": "0.91048", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.06225", "scoring_system": "epss", "scoring_elements": "0.91052", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.06225", "scoring_system": "epss", "scoring_elements": "0.91055", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.06225", "scoring_system": "epss", "scoring_elements": "0.91056", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-25293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25293" }, { "reference_url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials" }, { "reference_url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/acac9e9cc0b9a507882c614f25d41f8b47be349a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/acac9e9cc0b9a507882c614f25d41f8b47be349a" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e2da4c6dae7dc01a4d9cd221395140a67e2b3eb1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e2da4c6dae7dc01a4d9cd221395140a67e2b3eb1" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-92rq-c8cf-prrq", "reference_id": "", 
"reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-92rq-c8cf-prrq" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-355_ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-12T20:36:09Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2024-355_ruby-saml" }, 
{ "reference_url": "https://security.netapp.com/advisory/ntap-20250314-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20250314-0008" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100441", "reference_id": "1100441", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100441" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25293", "reference_id": "CVE-2025-25293", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25293" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-25293.yml", "reference_id": "CVE-2025-25293.YML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-25293.yml" }, { "reference_url": "https://github.com/advisories/GHSA-92rq-c8cf-prrq", 
"reference_id": "GHSA-92rq-c8cf-prrq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-92rq-c8cf-prrq" }, { "reference_url": "https://usn.ubuntu.com/7409-1/", "reference_id": "USN-7409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/84362?format=api", "purl": "pkg:gem/ruby-saml@1.12.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.12.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/72820?format=api", "purl": "pkg:gem/ruby-saml@1.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-w8r1-wnkc-e3hk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.18.0" } ], "aliases": [ "CVE-2025-25293", "GHSA-92rq-c8cf-prrq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d6a2-bseb-b7fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51313?format=api", "vulnerability_id": "VCID-e63v-x8w4-vufw", "summary": "Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential)\n### Summary\nAn authentication bypass vulnerability was found in ruby-saml due to a parser differential.\nReXML and Nokogiri parse XML differently, the parsers can generate entirely\ndifferent document structures from the same XML input. 
That allows an attacker\nto be able to execute a Signature Wrapping attack.\n\n### Impact\nThis issue may lead to authentication bypass.", "references": [ { "reference_url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-25291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20843", "scoring_system": "epss", "scoring_elements": "0.95739", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.20843", "scoring_system": "epss", "scoring_elements": "0.9573", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.20843", "scoring_system": "epss", "scoring_elements": "0.95734", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.20843", "scoring_system": "epss", "scoring_elements": "0.95735", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-25291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25291" }, { "reference_url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": 
"cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials" }, { "reference_url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": 
"cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4" }, { "reference_url": 
"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": 
"generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html" }, { "reference_url": "https://news.ycombinator.com/item?id=43374519", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://news.ycombinator.com/item?id=43374519" }, { "reference_url": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-03T20:06:31Z/" } ], "url": 
"https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20250314-0010", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20250314-0010" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100441", "reference_id": "1100441", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100441" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25291", "reference_id": "CVE-2025-25291", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25291" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-25291.yml", "reference_id": "CVE-2025-25291.YML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": 
"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-25291.yml" }, { "reference_url": "https://github.com/advisories/GHSA-4vc4-m8qh-g8jm", "reference_id": "GHSA-4vc4-m8qh-g8jm", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4vc4-m8qh-g8jm" }, { "reference_url": "https://usn.ubuntu.com/7409-1/", "reference_id": "USN-7409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/84362?format=api", "purl": "pkg:gem/ruby-saml@1.12.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.12.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/72820?format=api", "purl": "pkg:gem/ruby-saml@1.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-w8r1-wnkc-e3hk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.18.0" } ], "aliases": [ "CVE-2025-25291", "GHSA-4vc4-m8qh-g8jm" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e63v-x8w4-vufw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37846?format=api", "vulnerability_id": "VCID-hjc9-tfcb-efcz", "summary": "XPath Injection Vulnerability\nThe gem is vulnerable to XPath injection on xml_security.rb. 
The lack of prepared statements allows for command injection, leading to arbitrary code execution.", "references": [ { "reference_url": "https://github.com/onelogin/ruby-saml/commit/9853651b96b99653ea8627d757d46bfe62ab6448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/onelogin/ruby-saml/commit/9853651b96b99653ea8627d757d46bfe62ab6448" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52257?format=api", "purl": "pkg:gem/ruby-saml@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-4cuy-qn4h-vkcx" }, { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-uhu9-4mv8-nbaf" }, { "vulnerability": "VCID-w1rp-n9ej-ruhv" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.0.0" } ], "aliases": [ "OSVDB-124991" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hjc9-tfcb-efcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45288?format=api", "vulnerability_id": "VCID-kga7-6cqa-5qgh", "summary": "ruby-saml vulnerable to XPath injection\n`xml_security.rb` in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-20108", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.61139", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6109", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00401", "scoring_system": 
"epss", "scoring_elements": "0.61147", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00489", "scoring_system": "epss", "scoring_elements": "0.65895", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.79124", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.79143", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-20108" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20108", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20108" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/OSVDB-124991.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-14T18:38:57Z/" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/OSVDB-124991.yml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/9853651b96b99653ea8627d757d46bfe62ab6448", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": 
"CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-14T18:38:57Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/9853651b96b99653ea8627d757d46bfe62ab6448" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/compare/v0.9.2...v1.0.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-14T18:38:57Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/compare/v0.9.2...v1.0.0" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/pull/225", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-14T18:38:57Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/pull/225" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230703-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230703-0003" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-RUBY-RUBYSAML-20217", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "" }, 
{ "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.snyk.io/vuln/SNYK-RUBY-RUBYSAML-20217" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-20108", "reference_id": "CVE-2015-20108", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-20108" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2015-20108.yml", "reference_id": "CVE-2015-20108.YML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2015-20108.yml" }, { "reference_url": "https://github.com/advisories/GHSA-r364-2pj4-pf7f", "reference_id": "GHSA-r364-2pj4-pf7f", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r364-2pj4-pf7f" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230703-0003/", "reference_id": "ntap-20230703-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-14T18:38:57Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230703-0003/" } ], "fixed_packages": [ { "url": 
"http://public2.vulnerablecode.io/api/packages/52257?format=api", "purl": "pkg:gem/ruby-saml@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-4cuy-qn4h-vkcx" }, { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-uhu9-4mv8-nbaf" }, { "vulnerability": "VCID-w1rp-n9ej-ruhv" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.0.0" } ], "aliases": [ "CVE-2015-20108", "GHSA-r364-2pj4-pf7f", "OSV-124991" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kga7-6cqa-5qgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37799?format=api", "vulnerability_id": "VCID-rrbk-ke4h-1ffc", "summary": "Arbitrary code execution\nThe gem contains a flaw that is triggered as the URI value of a SAML response is not properly sanitized through a prepared statement. 
This may allow a remote attacker to execute arbitrary shell commands on the host machine.", "references": [ { "reference_url": "https://github.com/onelogin/ruby-saml/pull/183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/onelogin/ruby-saml/pull/183" }, { "reference_url": "http://www.osvdb.org/show/osvdb/117903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/show/osvdb/117903" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52145?format=api", "purl": "pkg:gem/ruby-saml@0.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-4cuy-qn4h-vkcx" }, { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-an6g-hdf9-w7dp" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-hjc9-tfcb-efcz" }, { "vulnerability": "VCID-kga7-6cqa-5qgh" }, { "vulnerability": "VCID-uhu9-4mv8-nbaf" }, { "vulnerability": "VCID-w1rp-n9ej-ruhv" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@0.8.2" } ], "aliases": [ "OSVDB-117903" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrbk-ke4h-1ffc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40917?format=api", "vulnerability_id": "VCID-uhu9-4mv8-nbaf", "summary": "Authentication bypass via incorrect DOM traversal and canonicalization\nSome XML DOM traversal and canonicalization APIs may be inconsistent in handling of comments within XML nodes. Incorrect use of these APIs by some SAML libraries results in incorrect parsing of the inner text of XML nodes such that any inner text after the comment is lost prior to cryptographically signing the SAML message. 
Text after the comment therefore has no impact on the signature on the SAML message. A remote attacker can modify SAML content for a SAML service provider without invalidating the cryptographic signature, which may allow attackers to bypass primary authentication for the affected SAML service provider", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59439", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59395", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59446", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59449", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59441", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59421", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11428" }, { "reference_url": "https://cwe.mitre.org/data/definitions/287.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cwe.mitre.org/data/definitions/287.html" }, { "reference_url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", 
"scoring_elements": "" } ], "url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations" }, { "reference_url": "https://github.com/onelogin/ruby-saml/commit/048a544730930f86e46804387a6b6fad50d8176f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://github.com/onelogin/ruby-saml/commit/048a544730930f86e46804387a6b6fad50d8176f" }, { "reference_url": "https://github.com/onelogin/ruby-saml/releases/tag/v1.6.2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/onelogin/ruby-saml/releases/tag/v1.6.2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11428", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11428" }, { "reference_url": "https://shibboleth.net/community/advisories/secadv_20180112.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://shibboleth.net/community/advisories/secadv_20180112.txt" }, { "reference_url": "https://www.kb.cert.org/vuls/id/475445", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/475445" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892865", "reference_id": "892865", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892865" }, { "reference_url": "https://github.com/advisories/GHSA-x2fr-v8wf-8wwv", "reference_id": "GHSA-x2fr-v8wf-8wwv", "reference_type": "", "scores": [ { 
"value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x2fr-v8wf-8wwv" }, { "reference_url": "https://usn.ubuntu.com/7309-1/", "reference_id": "USN-7309-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7309-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57843?format=api", "purl": "pkg:gem/ruby-saml@1.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-w1rp-n9ej-ruhv" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/144322?format=api", "purl": "pkg:gem/ruby-saml@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-w1rp-n9ej-ruhv" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.7.0" } ], "aliases": [ "CVE-2017-11428", "GHSA-x2fr-v8wf-8wwv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhu9-4mv8-nbaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51312?format=api", "vulnerability_id": "VCID-w1rp-n9ej-ruhv", "summary": "SAML authentication bypass via Incorrect XPath selector\nRuby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response.\nAn unauthenticated attacker 
with access to any signed saml document (by the IdP) can thus forge a SAML\nResponse/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within\nthe vulnerable system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44644", "scoring_system": "epss", "scoring_elements": "0.97643", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.44644", "scoring_system": "epss", "scoring_elements": "0.97648", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.44644", "scoring_system": "epss", "scoring_elements": "0.97647", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.44644", "scoring_system": "epss", "scoring_elements": "0.97645", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45409" }, { "reference_url": "https://github.com/omniauth/omniauth-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/omniauth/omniauth-saml" }, { "reference_url": "https://github.com/omniauth/omniauth-saml/commit/4274e9d57e65f2dcaae4aa3b2accf831494f2ddd", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": 
"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/omniauth/omniauth-saml/commit/4274e9d57e65f2dcaae4aa3b2accf831494f2ddd" }, { "reference_url": "https://github.com/omniauth/omniauth-saml/commit/6c681fd082ab3daf271821897a40ab3417382e29", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/omniauth/omniauth-saml/commit/6c681fd082ab3daf271821897a40ab3417382e29" }, { "reference_url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-cvp8-5r8g-fhvq", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-10T19:10:27Z/" } ], "url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-cvp8-5r8g-fhvq" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": 
"10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/1ec5392bc506fe43a02dbb66b68741051c5ffeae", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-10T19:10:27Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/1ec5392bc506fe43a02dbb66b68741051c5ffeae" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/4865d030cae9705ee5cdb12415c654c634093ae7", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", 
"scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-10T19:10:27Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/4865d030cae9705ee5cdb12415c654c634093ae7" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081560", "reference_id": "1081560", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081560" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45409", "reference_id": "CVE-2024-45409", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45409" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/omniauth-saml/CVE-2024-45409.yml", "reference_id": "CVE-2024-45409.YML", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/omniauth-saml/CVE-2024-45409.yml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2024-45409.yml", "reference_id": "CVE-2024-45409.YML", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": 
"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2024-45409.yml" }, { "reference_url": "https://github.com/advisories/GHSA-cvp8-5r8g-fhvq", "reference_id": "GHSA-cvp8-5r8g-fhvq", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cvp8-5r8g-fhvq" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/omniauth-saml/GHSA-cvp8-5r8g-fhvq.yml", "reference_id": "GHSA-cvp8-5r8g-fhvq.yml", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/omniauth-saml/GHSA-cvp8-5r8g-fhvq.yml" }, { "reference_url": "https://github.com/advisories/GHSA-jw9c-mfg7-9rx2", "reference_id": "GHSA-jw9c-mfg7-9rx2", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jw9c-mfg7-9rx2" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-jw9c-mfg7-9rx2", "reference_id": "GHSA-jw9c-mfg7-9rx2", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "10.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": 
"9.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-10T19:10:27Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-jw9c-mfg7-9rx2" }, { "reference_url": "https://usn.ubuntu.com/7309-1/", "reference_id": "USN-7309-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7309-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/82604?format=api", "purl": "pkg:gem/ruby-saml@1.12.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.12.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/82605?format=api", "purl": "pkg:gem/ruby-saml@1.17.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12er-nkhb-5kck" }, { "vulnerability": "VCID-7g5d-1wbd-w3ev" }, { "vulnerability": "VCID-d6a2-bseb-b7fb" }, { "vulnerability": "VCID-e63v-x8w4-vufw" }, { "vulnerability": "VCID-w8r1-wnkc-e3hk" }, { "vulnerability": "VCID-x721-mbr2-9bhh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.17.0" } ], "aliases": [ "CVE-2024-45409", "GHSA-cvp8-5r8g-fhvq", "GHSA-jw9c-mfg7-9rx2" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w1rp-n9ej-ruhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51314?format=api", 
"vulnerability_id": "VCID-w8r1-wnkc-e3hk", "summary": "Ruby SAML DOS vulnerability with large SAML response\n### Summary\n\nA denial-of-service vulnerability exists in ruby-saml even with the\nmessage_max_bytesize setting configured. The vulnerability occurs\nbecause the SAML response is validated for Base64 format prior to\nchecking the message size, leading to potential resource exhaustion.\n\n### Details\n\n`ruby-saml` includes a `message_max_bytesize` setting intended to\nprevent DOS attacks and decompression bombs. However, this protection\nis ineffective in some cases due to the order of operations in the code:\n\nhttps://github.com/SAML-Toolkits/ruby-saml/blob/fbbedc978300deb9355a8e505849666974ef2e67/lib/onelogin/ruby-saml/saml_message.rb\n\n```ruby\n def decode_raw_saml(saml, settings = nil)\n return saml unless base64_encoded?(saml)\n# <--- Issue here. Should be moved after next code block.\n\n settings = OneLogin::RubySaml::Settings.new if settings.nil?\n if saml.bytesize > settings.message_max_bytesize\n raise ValidationError.new(\\\"Encoded SAML Message exceeds \\\" +\n settings.message_max_bytesize.to_s +\n \\\" bytes, so was rejected\\\")\n end\n decoded = decode(saml)\n ...\n end\n```\n\nThe vulnerability is in the execution order. Prior to checking\nbytesize the `base64_encoded?` function performs regex matching\non the entire input string:\n\n```ruby\n!!string.gsub(/[\\\\r\\]|\\\\\\\\r|\\\\\\|\\\\s/, \\\"\\\").match(BASE64_FORMAT)\n```\n\n### Impact\n\n_What kind of vulnerability is it? 
Who is impacted?_\n\nWhen successfully exploited, this vulnerability can lead to:\n- Excessive memory consumption\n- High CPU utilization\n- Application slowdown or unresponsiveness\n- Complete application crash in severe cases\n- Potential denial of service for legitimate users\n\nAll applications using `ruby-saml` with SAML configured and\nenabled are vulnerable.\n\n### Potential Solution\n\nReorder the validation steps to ensure max bytesize is checked first\n\n```ruby\ndef decode_raw_saml(saml, settings = nil)\n settings = OneLogin::RubySaml::Settings.new\nif settings.nil?\n if saml.bytesize > settings.message_max_bytesize\n raise ValidationError.new(\\\"Encoded SAML Message exceeds \\\" +\n settings.message_max_bytesize.to_s + \\\" bytes, so was rejected\\\")\n end\n return saml unless base64_encoded?(saml)\n decoded = decode(saml)\n ...\nend\n```", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54572", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.69332", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.69312", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.69337", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.69328", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54572" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": 
"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/38ef5dd1ce17514e202431f569c4f5633e6c2709", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-30T14:17:38Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/38ef5dd1ce17514e202431f569c4f5633e6c2709" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/pull/770", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-30T14:17:38Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/pull/770" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-30T14:17:38Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.1" }, { "reference_url": 
"https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-rrqh-93c8-j966", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-30T14:17:38Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-rrqh-93c8-j966" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00001.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54572", "reference_id": "CVE-2025-54572", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54572" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-54572.yml", "reference_id": "CVE-2025-54572.YML", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": 
"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-54572.yml" }, { "reference_url": "https://github.com/advisories/GHSA-rrqh-93c8-j966", "reference_id": "GHSA-rrqh-93c8-j966", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rrqh-93c8-j966" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85924?format=api", "purl": "pkg:gem/ruby-saml@1.18.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.18.1" } ], "aliases": [ "CVE-2025-54572", "GHSA-rrqh-93c8-j966" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w8r1-wnkc-e3hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49360?format=api", "vulnerability_id": "VCID-x721-mbr2-9bhh", "summary": "Ruby-saml allows a Libxml2 Canonicalization error to bypass Digest/Signature validation\nRuby-saml up to and including 1.12.4, there is an authentication bypass vulnerability because of an issue at libxml2 canonicalization process used by Nokogiri for document transformation. That allows an attacker to be able to execute a Signature Wrapping attack. 
The vulnerability does not affect the version 1.18.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15447", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1539", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15363", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15487", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15496", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66568" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/commit/acac9e9cc0b9a507882c614f25d41f8b47be349a", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-09T14:16:24Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/commit/acac9e9cc0b9a507882c614f25d41f8b47be349a" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66568", "reference_id": "CVE-2025-66568", 
"reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66568" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-66568.yml", "reference_id": "CVE-2025-66568.YML", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-66568.yml" }, { "reference_url": "https://github.com/advisories/GHSA-x4h9-gwv3-r4m4", "reference_id": "GHSA-x4h9-gwv3-r4m4", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x4h9-gwv3-r4m4" }, { "reference_url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-x4h9-gwv3-r4m4", "reference_id": "GHSA-x4h9-gwv3-r4m4", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-09T14:16:24Z/" } ], "url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-x4h9-gwv3-r4m4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72820?format=api", "purl": 
"pkg:gem/ruby-saml@1.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-w8r1-wnkc-e3hk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@1.18.0" } ], "aliases": [ "CVE-2025-66568", "GHSA-x4h9-gwv3-r4m4" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x721-mbr2-9bhh" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/ruby-saml@0.0.5" }