GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

Summary: Two critical vulnerabilities in the ruby-saml library, CVE-2025-25291 and CVE-2025-25292, let an attacker bypass SAML signature verification and authenticate as another user, which amounts to account takeover on any service that uses the library for single sign-on. Both are parser-differential bugs: ruby-saml fed the same SAML response through two XML parsers, REXML and Nokogiri, inside one verification path, so a crafted document that the two parsers interpret differently lets a genuine signature be accepted for an assertion it does not actually cover. Exploitation needs one legitimately signed SAML document from the target identity provider, which an attacker holding an ordinary account at that IdP can obtain by logging in. Affected releases are everything before 1.12.4 and 1.13.0 through 1.17.x; users are urged to upgrade to 1.12.4 (1.12 branch) or 1.18.0 (later branches), which also address a remote denial-of-service vulnerability.

Affected: ruby-saml library (releases before 1.12.4, and 1.13.0 through 1.17.x), including applications that depend on it indirectly, for example through omniauth-saml

Key points:

  • Both bugs bypass SAML signature verification: an attacker who holds any valid signature from the target IdP can log in as an arbitrary user, i.e. take over accounts.
  • The root cause is a parser differential: REXML and Nokogiri interpret the same crafted XML differently, and ruby-saml relied on both parsers within a single verification path.
  • Upgrade to 1.12.4 on the 1.12 branch or to 1.18.0 on later branches; note that 1.13.x through 1.17.x remain vulnerable even though they are newer than 1.12.4.
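The two-branch fix is easy to get wrong in a quick audit (a 1.17.0 pin looks "newer" than 1.12.4 but is still vulnerable). The following Ruby script is an added example, not code from the article or from the ruby-saml project: it reads a Gemfile.lock, finds the pinned ruby-saml release even when it arrives transitively (for example via omniauth-saml), and reports whether that release predates the fix on its own branch. The lockfile contents below are constructed for the example; the function and constant names are this example's own.

```ruby
# Added example (not from the article or from ruby-saml itself): flag a
# Gemfile.lock that pins a ruby-saml release without the fixes for
# CVE-2025-25291 / CVE-2025-25292. Two fixed releases exist, one per branch:
# 1.12.4 for the 1.12 series and 1.18.0 for everything from 1.13 onward, so
# 1.13.x-1.17.x is vulnerable even though it sorts after 1.12.4.
require "rubygems"

FIXED_ON_1_12 = Gem::Version.new("1.12.4")
FIXED_ON_MAIN = Gem::Version.new("1.18.0")
BRANCH_SPLIT  = Gem::Version.new("1.13.0")

# Constructed sample lockfile: ruby-saml arrives transitively via omniauth-saml.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.18.3)
      omniauth-saml (2.2.1)
        omniauth (~> 2.1)
        ruby-saml (~> 1.17)
      ruby-saml (1.17.0)
        nokogiri (>= 1.13.10)
        rexml
LOCK

# Pinned ruby-saml version from the lockfile's specs section, or nil if absent.
# Only the spec line "ruby-saml (X.Y.Z)" matches; dependency lines such as
# "ruby-saml (~> 1.17)" carry an operator and are skipped.
def ruby_saml_version(lockfile_text)
  m = lockfile_text.match(/^[ \t]+ruby-saml \((\d+(?:\.\d+)+)\)[ \t]*$/)
  m && m[1]
end

# True when +version_str+ predates the fix on its own branch.
def vulnerable?(version_str)
  v = Gem::Version.new(version_str)
  v < BRANCH_SPLIT ? v < FIXED_ON_1_12 : v < FIXED_ON_MAIN
end

# Smallest fixed release on the same branch as +version_str+.
def recommended_fix(version_str)
  Gem::Version.new(version_str) < BRANCH_SPLIT ? FIXED_ON_1_12.to_s : FIXED_ON_MAIN.to_s
end

# Summarise one lockfile; :status is :not_present, :vulnerable or :fixed.
def check_lockfile(lockfile_text)
  version = ruby_saml_version(lockfile_text)
  return { version: nil, status: :not_present, recommended: nil } if version.nil?

  if vulnerable?(version)
    { version: version, status: :vulnerable, recommended: recommended_fix(version) }
  else
    { version: version, status: :fixed, recommended: nil }
  end
end

if __FILE__ == $PROGRAM_NAME
  # Pass a Gemfile.lock path on the command line, or run with no arguments
  # to check the constructed sample above.
  text = ARGV.empty? ? SAMPLE_LOCKFILE : File.read(ARGV[0])
  puts check_lockfile(text).inspect
end
```

Run it as `ruby check_ruby_saml.rb path/to/Gemfile.lock` across every repository that ships SAML login; the lockfile is the authoritative record of what is actually deployed, whereas the Gemfile's `~>` constraint only says what is allowed. The branch split is encoded explicitly so that an app on 1.12.x is pointed at 1.12.4 rather than forced onto 1.18.0.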

Source: https://thehackernews.com/2025/03/github-uncovers-new-ruby-saml.html