📦 ruby-saml

by OneLogin

🔍 What is Ruby Saml?

ruby-saml is OneLogin's Ruby toolkit for the Service Provider side of SAML 2.0 single sign-on. An application uses it to build AuthnRequests for an identity provider, to parse the returned SAML Response and validate its XML signature, conditions and audience before trusting the asserted identity, and to handle single logout messages. Because it sits directly on the authentication boundary, defects in its XML parsing and signature verification translate into authentication bypass, which is why most of the entries below are rated critical.

🛡️ Security Overview

Six published CVEs: five rated Critical and one High. Four of the critical entries are authentication bypasses in SAML Response validation (three via XML Signature Wrapping, one via missing signature verification), one is an XPath injection, and the High entry is a denial of service through compressed SAML responses.

⚠️ Known Vulnerabilities

CVE-2025-66567

Severity: CRITICAL | CVSS 9.1 | Published: Dec 9, 2025

The ruby-saml library contains an authentication bypass vulnerability due to XML parsing differences between ReXML and Nokogiri, allowing attackers to execute Signature Wrapping attacks. This affects ...

CVE-2025-66568

Severity: CRITICAL | CVSS 9.1 | Published: Dec 9, 2025

The ruby-saml library versions up to 1.12.4 are vulnerable to authentication bypass via Signature Wrapping attacks. Attackers can exploit libxml2's canonicalization behavior on invalid XML to bypass S...

CVE-2025-25291

Severity: CRITICAL | CVSS 9.8 | Published: Mar 12, 2025

CVE-2025-25291 is an authentication bypass vulnerability in ruby-saml that allows attackers to bypass SAML single sign-on authentication via signature wrapping attacks. The vulnerability stems from pa...
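The three Signature Wrapping entries above share one root cause: the code that verifies the signature and the code that reads the identity can end up looking at different elements of the same document. The following Ruby example is added here as an illustration and is not ruby-saml's own code. It shows the structural check that binds the Assertion you consume to the element the ds:Reference actually points at, using only REXML from the standard library and a placeholder SignatureValue, so it demonstrates the element-binding rule rather than cryptographic verification. The two sample Response documents, the helper names and the error class are all constructed for this example.

```ruby
require "rexml/document"

# Standard namespace URIs for SAML 2.0 and XML-DSig.
NS = {
  "samlp" => "urn:oasis:names:tc:SAML:2.0:protocol",
  "saml"  => "urn:oasis:names:tc:SAML:2.0:assertion",
  "ds"    => "http://www.w3.org/2000/09/xmldsig#"
}.freeze

class SamlStructureError < StandardError; end

# Constructed sample (not a real IdP message): one Assertion carrying an
# enveloped Signature whose Reference points at the Assertion's own ID.
# The SignatureValue is a placeholder; only the structure matters here.
LEGIT_RESPONSE = <<~XML
  <samlp:Response xmlns:samlp="#{NS['samlp']}" xmlns:saml="#{NS['saml']}" ID="_r1">
    <saml:Assertion ID="_a1">
      <ds:Signature xmlns:ds="#{NS['ds']}">
        <ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo>
        <ds:SignatureValue>cGxhY2Vob2xkZXI=</ds:SignatureValue>
      </ds:Signature>
      <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
    </saml:Assertion>
  </samlp:Response>
XML

# Classic wrapping variant (constructed): the signed Assertion _a1 is left
# intact so its signature still validates, but an unsigned Assertion for
# "admin" is inserted ahead of it in document order.
WRAPPED_RESPONSE = <<~XML
  <samlp:Response xmlns:samlp="#{NS['samlp']}" xmlns:saml="#{NS['saml']}" ID="_r1">
    <saml:Assertion ID="_evil">
      <saml:Subject><saml:NameID>admin</saml:NameID></saml:Subject>
    </saml:Assertion>
    <saml:Assertion ID="_a1">
      <ds:Signature xmlns:ds="#{NS['ds']}">
        <ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo>
        <ds:SignatureValue>cGxhY2Vob2xkZXI=</ds:SignatureValue>
      </ds:Signature>
      <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
    </saml:Assertion>
  </samlp:Response>
XML

# Vulnerable pattern: "verify some signature, then read the first
# Assertion". Document order is attacker-controlled, so for
# WRAPPED_RESPONSE this returns the injected identity.
def naive_name_id(xml)
  doc = REXML::Document.new(xml)
  REXML::XPath.first(doc, "//saml:Assertion/saml:Subject/saml:NameID", NS).text
end

# Hardened pattern: locate the element the signature covers and take the
# identity only from that element, rejecting any ambiguity outright.
def signed_name_id(xml)
  doc = REXML::Document.new(xml)
  root = doc.root
  unless root && root.name == "Response" && root.namespace == NS["samlp"]
    raise SamlStructureError, "root element must be samlp:Response"
  end

  sigs = REXML::XPath.match(doc, "//ds:Signature", NS)
  raise SamlStructureError, "expected exactly one Signature" unless sigs.size == 1
  sig = sigs.first

  ref = REXML::XPath.first(sig, "ds:SignedInfo/ds:Reference", NS)
  uri = ref && ref.attributes["URI"]
  raise SamlStructureError, "Reference must be a same-document #ID" unless uri&.start_with?("#")
  id = uri[1..]

  # Resolve the ID in Ruby instead of interpolating it into an XPath
  # string: the ID is attacker-supplied, and interpolating it is exactly
  # how XPath injection happens.
  targets = REXML::XPath.match(doc, "//*[@ID]").select { |e| e.attributes["ID"] == id }
  raise SamlStructureError, "signed ID must resolve to exactly one element" unless targets.size == 1
  signed = targets.first

  # An enveloped signature must sit directly inside the element it signs.
  raise SamlStructureError, "Signature is not enveloped in the signed element" unless sig.parent.equal?(signed)

  assertions = REXML::XPath.match(doc, "//saml:Assertion", NS)
  raise SamlStructureError, "expected exactly one Assertion, got #{assertions.size}" unless assertions.size == 1
  assertion = assertions.first

  # Accept a signed Assertion, or a signed Response that directly contains
  # the single Assertion; anything else is not covered by the signature.
  covered = signed.equal?(assertion) ||
            (signed.equal?(root) && assertion.parent.equal?(root))
  raise SamlStructureError, "Assertion is not covered by the signature" unless covered

  REXML::XPath.first(assertion, "saml:Subject/saml:NameID", NS).text
end
```

On the legitimate document both functions return "alice"; on the wrapped one the naive reader returns "admin" while the hardened reader raises because two Assertions are present. In a real verifier this structural check runs after the cryptographic check of the referenced element and before any claim is read, and both steps must use the same parser and the same parsed tree, which is the parser-differential lesson of the entries above.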

CVE-2024-45409

Severity: CRITICAL | CVSS 10.0 | Published: Sep 10, 2024

CVE-2024-45409 is a critical authentication bypass vulnerability in the Ruby SAML library where SAML response signatures are not properly verified. This allows unauthenticated attackers with access to...

CVE-2015-20108

Severity: CRITICAL | CVSS 9.8 | Published: May 27, 2023

This vulnerability in the ruby-saml gem allows XPath injection leading to remote code execution. Attackers can execute arbitrary code on systems using vulnerable versions of the gem. Any Ruby applicat...

CVE-2025-25293

Severity: HIGH | CVSS 7.5 | Published: Mar 12, 2025

This vulnerability in ruby-saml allows remote attackers to cause Denial of Service (DoS) by sending specially crafted compressed SAML responses. The library checks message size before decompression, e...
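The entry above describes the classic decompression-bomb failure mode: a size check on the compressed bytes says nothing about the size of the inflated output, and raw DEFLATE, which SAML's HTTP-Redirect binding uses, expands highly repetitive input by roughly 1000:1. The following Ruby example is added here and is not ruby-saml's code; it puts the naive check beside a streaming decoder that caps the inflated size. The bomb and the small request are constructed inline, and the size limits are illustrative values chosen for the demo, not values from the library.

```ruby
require "zlib"
require "base64"

class SamlMessageTooLarge < StandardError; end

# SAML's HTTP-Redirect binding encodes messages as raw DEFLATE (no zlib
# header, hence the negative window bits) followed by Base64.
def encode_redirect_message(xml)
  deflater = Zlib::Deflate.new(Zlib::BEST_COMPRESSION, -Zlib::MAX_WBITS)
  compressed = deflater.deflate(xml, Zlib::FINISH)
  deflater.close
  Base64.strict_encode64(compressed)
end

# Vulnerable pattern: the only size check is on the compressed bytes.
# A couple of kilobytes of input can still inflate to megabytes.
def naive_decode(encoded, max_compressed: 64 * 1024)
  compressed = Base64.strict_decode64(encoded)
  raise SamlMessageTooLarge, "compressed input too large" if compressed.bytesize > max_compressed
  Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(compressed)
end

# Hardened pattern: keep the compressed-size check, but also inflate in
# small input slices and stop as soon as the output exceeds a cap.
# DEFLATE expands at most about 1032:1, so a 512-byte slice can add at
# most ~0.5 MiB before the cap is checked again, bounding peak memory too.
def bounded_decode(encoded, max_compressed: 64 * 1024, max_inflated: 256 * 1024)
  compressed = Base64.strict_decode64(encoded)
  raise SamlMessageTooLarge, "compressed input too large" if compressed.bytesize > max_compressed

  inflater = Zlib::Inflate.new(-Zlib::MAX_WBITS)
  out = "".b
  begin
    (0...compressed.bytesize).step(512) do |offset|
      out << inflater.inflate(compressed.byteslice(offset, 512))
      if out.bytesize > max_inflated
        raise SamlMessageTooLarge, "inflated output exceeds #{max_inflated} bytes"
      end
    end
    raise Zlib::DataError, "truncated DEFLATE stream" unless inflater.finished?
  ensure
    inflater.close
  end
  out.force_encoding(Encoding::UTF_8)
end

# Constructed inputs: a realistic small request, and a decompression bomb
# made of 2 MB of one repeated byte, which deflates to roughly 2 KB.
SMALL_REQUEST = %(<samlp:AuthnRequest ID="_req1" Version="2.0"/>)
BOMB = encode_redirect_message("A" * 2_000_000)

if $PROGRAM_NAME == __FILE__
  puts "bomb: #{Base64.strict_decode64(BOMB).bytesize} bytes compressed"
  puts "naive_decode inflated #{naive_decode(BOMB).bytesize} bytes"
  begin
    bounded_decode(BOMB)
  rescue SamlMessageTooLarge => e
    puts "bounded_decode rejected it: #{e.message}"
  end
end
```

The same cap should apply to any other decompression path the service provider exposes, including the HTTP-POST binding if the deployment accepts deflated messages there, and it should be set from the largest legitimate message the identity provider is expected to send rather than left at a generous default.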