Lucene search

8 matches found

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-5133

Malicious code in bioql PyPI...

CVSS 9.1, AI score 9, EPSS 0.00825
Exploits 0, References 7
Debian
added 2025/04/04 11:21 p.m., 11 views

[SECURITY] [DLA 4115-1] ruby-saml security update

Debian LTS Advisory DLA-4115-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert April 05, 2025 https://wiki.debian.org/LTS Package : ruby-saml Version : 1.11.0-1+deb11u2 CVE ID : CVE-2025-25291 CVE-2025-25292 CVE-2025-25293 Debian Bug : 1100441 Multiple...

CVSS 9.8, AI score 7.5, EPSS 0.20843
Exploits 3
Tenable Nessus
added 2025/04/04 12:0 a.m., 8 views

Debian dla-4115 : ruby-saml - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4115 advisory. Debian LTS Advisory DLA-4115-1 [email protected]...

CVSS 9.8, AI score 8.8, EPSS 0.20843
Exploits 3, References 8
The Hacker News
added 2025/03/13 12:26 p.m., 30 views

GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and...

CVSS 8.8, AI score 9.7, EPSS 0.44644
Exploits 4
OSV
added 2025/03/12 7:42 p.m., 18 views

GHSA-HW46-3HMR-X9XV omniauth-saml has dependency on ruby-saml version with Signature Wrapping Attack issue

Summary: There are 2 new Critical Signature Wrapping Vulnerabilities CVE-2025-25292, CVE-2025-25291 and a potential DDOS Moderated Vulnerability CVE-2025-25293 affecting ruby-saml, a dependency of omniauth-saml. The fix will be applied to ruby-saml and released 12 March 2025, under version 1.18.0...

CVSS 9.8, AI score 6.2, EPSS 0.20843
Exploits 3, References 8
Ubuntu
added 2025/02/28 5:30 p.m., 14 views

USN-7309-1: Ruby SAML vulnerabilities

It was discovered that Ruby SAML did not properly validate SAML responses. An unauthenticated attacker could use this vulnerability to log in as an arbitrary user. This issue only affected Ubuntu 16.04 LTS. CVE-2016-5697 It was discovered that Ruby SAML incorrectly utilized the results of XML DOM...

CVSS 10, AI score 8.3, EPSS 0.44644
Exploits 2
OSV
added 2025/02/28 5:30 p.m., 0 views

USN-7309-1 Ruby SAML vulnerabilities

It was discovered that Ruby SAML did not properly validate SAML responses. An unauthenticated attacker could use this vulnerability to log in as an arbitrary user. This issue only affected Ubuntu 16.04 LTS. CVE-2016-5697 It was discovered that Ruby SAML incorrectly utilized the results of XML DOM...

CVSS 10, AI score 7.3, EPSS 0.44644
Exploits 2, References 4
Tenable Nessus
added 2025/02/28 12:0 a.m., 15 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Ruby SAML vulnerabilities (USN-7309-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7309-1 advisory. It was discovered that Ruby SAML did not properly validate SAML responses. An unauthenticated...

CVSS 10, AI score 8.6, EPSS 0.44644
Exploits 2, References 4