pkg:RubyGems/omniauth-saml

3 total CVEsCRITICAL2HIGH1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2024-45409SAML authentication bypass via Incorrect XPath selector
    >= 2.0.0, < 2.1.2
  • CRITICAL9.8CVE-2025-25291omniauth-saml has dependency on ruby-saml version with Signature Wrapping Attack issue
    >= 2.2.0, < 2.2.3
  • HIGH7.7CVE-2017-11430OmniAuth-SAML authentication bypass via incorrect XML canonicalization and DOM traversal
    from 0, < 1.10.0