pkg:RubyGems/ruby-saml

10 CVEs in total: CRITICAL 4, HIGH 3

All known vulnerabilities

  • CRITICAL 10.0, CVE-2024-45409: SAML authentication bypass via Incorrect XPath selector
    from 0, < 1.12.3
  • CRITICAL 9.8, CVE-2025-25292: Ruby SAML allows a SAML authentication bypass due to namespace handling (parser differential)
    >= 1.13.0, < 1.18.0
  • CRITICAL 9.8, CVE-2025-25291: omniauth-saml has dependency on ruby-saml version with Signature Wrapping Attack issue
    from 0, < 1.12.4
  • CRITICAL 9.8, CVE-2015-20108: ruby-saml vulnerable to XPath injection
    from 0, < 1.0.0
  • HIGH 7.7, CVE-2017-11428: Ruby-SAML Improper Authentication vulnerability
    from 0, < 1.7.0
  • HIGH 7.5, CVE-2025-25293: Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses
    from 0, < 1.12.4
  • HIGH 7.5, CVE-2016-5697: Ruby-saml allows attackers to perform XML signature wrapping attacks
    from 0, < 1.3.0
  • CVE-2025-66568: Ruby-saml allows a Libxml2 Canonicalization error to bypass Digest/Signature validation
    from 0, < 1.18.0
  • CVE-2025-66567: Ruby-saml has a SAML authentication bypass due to namespace handling (parser differential)
    from 0, < 1.18.0
  • CVE-2025-54572: ruby-saml - security update
    from 0, < 1.18.1