xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used.
9.8CVSS
9.8AI Score
0.002EPSS
Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors.
7.5CVSS
7.3AI Score
0.001EPSS
OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication t...
9.8CVSS
8.5AI Score
0.01EPSS
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Resp...
10CVSS
9.3AI Score
0.001EPSS