369 matches found
CVE-2025-23389
CVE-2025-23389 is an improper access control flaw in Rancher where a local user can impersonate other identities during first login via SAML. Affected Rancher releases: 2.8.0–2.8.13, 2.9.0–2.9.7, and 2.10.0–2.10.3. Impact per sources: high, with potential confidentiality and integrity impacts and...
CVE-2025-23389 Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3...
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language SAML authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and...
CVE-2025-25292
Ruby-saml contains an authentication bypass vulnerability caused by a parser differential between ReXML and Nokogiri. The issue affects versions older than 1.12.4 and 1.18.0, enabling a Signature Wrapping attack that can lead to bypassing SAML authentication. A patch exists in versions 1.12.4 and...
Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential)
Summary An authentication bypass vulnerability was found in ruby-saml due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping...
CVE-2025-25291 ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)
ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely...
CVE-2025-25291
ruby-saml vulnerabilities CVE-2025-25291/25292/25293 relate to a parser differential between ReXML and Nokogiri that enables a Signature Wrapping authentication bypass and related DoS when handling SAML inputs. Affected versions prior to 1.12.4 and 1.18.0 are vulnerable; fixes are shipped in 1.12...
GHSA-4VC4-M8QH-G8JM
creationtimestamp| type| source ---|---|--- 2025-03-12 20:07:18+00:00| seen| https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/ 2025-03-12 20:42:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7376 2025-03-13...
GO-2025-3505 Fleet has SAML authentication vulnerability due to improper SAML response validation in github.com/fleetdm/fleet
Fleet has SAML authentication vulnerability due to improper SAML response validation in github.com/fleetdm/fleet. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...
GHSA-52JX-G6M5-H735 Fleet has SAML authentication vulnerability due to improper SAML response validation
Summary A vulnerability in Fleet’s SAML authentication handling could allow an attacker to forge authentication assertions and gain unauthorized access to Fleet. In certain configurations, this could result in the creation of new user accounts, including administrative accounts. This issue affect...
Fleet has SAML authentication vulnerability due to improper SAML response validation
Summary A vulnerability in Fleet’s SAML authentication handling could allow an attacker to forge authentication assertions and gain unauthorized access to Fleet. In certain configurations, this could result in the creation of new user accounts, including administrative accounts. This issue affect...
CVE-2025-27509 SAML authentication vulnerability due to improper SAML response validation
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...
CVE-2025-27509 SAML authentication vulnerability due to improper SAML response validation
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...
Improper Access Control
Rancher is vulnerable to Improper Access Control. The vulnerability is due to improper access due to unauthenticated users being able to list and delete CLI authentication tokens before they can be retrieved, preventing CLI-based login for SAML-authenticated users...
GO-2025-3490 Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login in github.com/rancher/rancher
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this...
GHSA-MQ23-VVG7-XFM4 Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
Impact A vulnerability in Rancher has been discovered, leading to a local user impersonation through SAML Authentication on first login. The issue occurs when a SAML authentication provider AP is configured e.g. Keycloak. A newly created AP user can impersonate any user on Rancher by manipulating...
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
Impact A vulnerability in Rancher has been discovered, leading to a local user impersonation through SAML Authentication on first login. The issue occurs when a SAML authentication provider AP is configured e.g. Keycloak. A newly created AP user can impersonate any user on Rancher by manipulating...
PT-2025-9096 · Rancher · Rancher
Name of the Vulnerable Software and Affected Versions: Rancher versions 2.8.0 through 2.8.12 Rancher versions 2.9.0 through 2.9.6 Rancher versions 2.10.0 through 2.10.2 Description: A local user can impersonate other identities through SAML Authentication on first login due to an improper access...
PT-2025-9094 · Rancher · Rancher
Name of the Vulnerable Software and Affected Versions: Rancher versions prior to v2.8.13 Rancher versions prior to v2.9.7 Rancher versions prior to v2.10.3 Description: A vulnerability has been identified in Rancher where an unauthenticated user can list and delete CLI authentication tokens,...
AspNetCore Remote Authenticator for CIE3.0 Allows SAML Response Signature Verification Bypass
Description Authentication using Spid and CIE is based on the SAML2 standard which provides for two entities: Identity Provider IdP: the system that authenticates users and provides identity information SAML assertions to the Service Provider, essentially, it is responsible for managing user...