GHSA-5J8P-438X-RGG5 SAML PHP Toolkit Vulnerability on xmlseclibs CVE-2025-66475

Summary There is a critical vulnerability on xmlseclibs CVE-2025-66475, a dependency of php-saml Update to the following versions of php-saml which forces the use of patched versions of xmlseclibs: - 2.21.1 - 3.8.1 - 4.3.1 Impact Signature Wrapping Vulnerabilities allows an attacker to impersonat...

PT-2024-40229 · Unknown · Php-Saml Toolkit

Name of the Vulnerable Software and Affected Versions: php-saml toolkit affected versions not specified Description: The issue arises from the implicit conversion of numerical values to boolean in PHP, which can lead to an error state being treated as a successful signature verification...

Unspecified vulnerability in RubyGems ruby-saml

RubyGems ruby-saml is a set of SAML Security Assertion Markup Language development toolkits for the Ruby on Rails framework organized by RubyGems. A security vulnerability exists in RubyGems Ruby-saml versions prior to 1.3.0. An attacker could exploit this vulnerability to perform an XML signatur...

RubyGems ruby-saml 'xml_security.rb' command injection vulnerability

RubyGems ruby-saml is a set of SAML Security Assertion Markup Language development toolkits for the Ruby on Rails framework organized by RubyGems. A command injection vulnerability exists in RubyGems ruby-saml. A remote attacker could use this vulnerability to execute arbitrary shell commands in...