GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Briefly

Two severe security vulnerabilities have been identified in the ruby-saml library that could enable attackers to bypass SAML authentication protections. These flaws, tracked as CVE-2025-25291 and CVE-2025-25292, are linked to discrepancies in XML parsing between REXML and Nokogiri, which allow for Signature Wrapping attacks. Discovered by GitHub Security Lab in November 2024, these weaknesses could lead to account takeover. Users are advised to update to the patched versions to mitigate the risk; a remote denial-of-service flaw has also been addressed in these updates.
The vulnerabilities in the ruby-saml library could let attackers bypass SAML authentication, exposing affected applications to account takeover.
The core issue stems from differences in how REXML and Nokogiri parse the same XML document, which enables Signature Wrapping attacks and, through them, authentication bypass.
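The class of bug behind Signature Wrapping is that a verifier checks the digest of one element and the application then consumes a different one it located separately (here, through a second lookup; on the page, through a second parser). The example below is added here and is not ruby-saml's code or its fix: it uses only REXML, a constructed toy response format rather than real SAML, and a deliberately simplified digest (SHA-256 over the element's serialization, with no XML-DSig canonicalization) so it runs offline. It shows the vulnerable pattern beside the hardened one: consume exactly the node whose digest was verified.

```ruby
# Added example, not part of ruby-saml. Toy illustration of the defense against
# XML Signature Wrapping: the application must use the node that was digest-
# checked, never a node it re-locates afterwards with a generic lookup.
require 'rexml/document'
require 'digest'

module ToySaml
  # Simplified stand-in for an XML-DSig digest (no canonicalization).
  def self.digest_of(node)
    Digest::SHA256.hexdigest(node.to_s)
  end

  # Build a constructed response whose single Assertion is "signed" by storing
  # its digest in a Reference that points at the Assertion's ID.
  def self.build_signed_response(subject, id: 'a1')
    doc = REXML::Document.new(<<~XML)
      <Response>
        <Signature><Reference URI="##{id}"><DigestValue/></Reference></Signature>
        <Assertion ID="#{id}"><Subject>#{subject}</Subject></Assertion>
      </Response>
    XML
    assertion = REXML::XPath.match(doc, '//Assertion').find { |e| e.attributes['ID'] == id }
    REXML::XPath.first(doc, '//DigestValue').text = digest_of(assertion)
    doc.to_s
  end

  # Resolve the Reference URI to the element carrying that ID and check its
  # digest. Duplicate IDs are rejected. Returns the verified node or nil.
  def self.verified_element(doc)
    ref = REXML::XPath.first(doc, '//Reference')
    return nil unless ref
    uri = ref.attributes['URI'].to_s
    return nil unless uri.start_with?('#')
    id = uri[1..]
    candidates = REXML::XPath.match(doc, '//*[@ID]').select { |e| e.attributes['ID'] == id }
    return nil unless candidates.length == 1
    node = candidates.first
    expected = REXML::XPath.first(ref, 'DigestValue')&.text.to_s
    node if expected == digest_of(node)
  end

  # Vulnerable pattern: verify the reference, then find "the" Assertion again
  # with a generic lookup that may land on a different, unsigned element.
  def self.subject_unsafe(xml)
    doc = REXML::Document.new(xml)
    return nil unless verified_element(doc)
    REXML::XPath.first(doc, '//Assertion/Subject')&.text
  end

  # Hardened pattern: read the subject only from the node that was verified.
  def self.subject_safe(xml)
    doc = REXML::Document.new(xml)
    node = verified_element(doc)
    return nil unless node && node.name == 'Assertion'
    REXML::XPath.first(node, 'Subject')&.text
  end

  # Constructed test vector: an unsigned Assertion placed ahead of the signed
  # one, so a document-order lookup sees the decoy first.
  def self.wrap(xml, injected_subject)
    doc = REXML::Document.new(xml)
    signed = REXML::XPath.first(doc, '//Assertion')
    decoy = REXML::Element.new('Assertion')
    decoy.add_element('Subject').text = injected_subject
    signed.parent.insert_before(signed, decoy)
    doc.to_s
  end
end

if __FILE__ == $PROGRAM_NAME
  signed = ToySaml.build_signed_response('alice')
  wrapped = ToySaml.wrap(signed, 'mallory')
  puts "unsafe consumer on wrapped input: #{ToySaml.subject_unsafe(wrapped)}"
  puts "safe consumer on wrapped input:   #{ToySaml.subject_safe(wrapped)}"
end
```

The same principle applies when two parsers are in play: if the signature check and the assertion extraction run over different parser trees, the verifier has no guarantee they refer to the same element, so the fix is to derive the consumed node from the verified one rather than re-locating it.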
Read at The Hacker News