The ruby-saml library has been found to contain two high-severity security flaws that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections.
SAML is an XML-based markup language and open standard for exchanging authentication and authorization data between parties. It enables single sign-on (SSO), allowing people to use a single set of credentials to access multiple sites, services, and applications.
The vulnerabilities, tracked as CVE-2025-25291 and CVE-2025-25292, carry a CVSS score of 8.8 out of 10.0. They affect the following versions of the library:
- < 1.12.4
- >= 1.13.0, < 1.18.0
Both flaws stem from the fact that REXML and Nokogiri parse XML differently. This parser differential allows an attacker to mount a signature wrapping attack, which leads to an authentication bypass. The vulnerabilities have been addressed in ruby-saml versions 1.12.4 and 1.18.0.
GitHub, which is owned by Microsoft and which discovered and reported the shortcomings in November 2024, said malicious actors could abuse them to carry out account takeover attacks.
“Attackers possessing a single valid signature that was created with the key used to validate the target organization’s SAML responses or assertions can use it to construct SAML assertions and, in turn …,” GitHub noted in its post.
The Microsoft-owned subsidiary also noted that the issue is a “disconnect” between the hash verification and the signature verification, opening the door to exploitation via the parser differential.
Versions 1.12.4 and 1.18.0 also address a remote denial-of-service (DoS) flaw that occurs when processing compressed SAML responses (CVE-2025-25293, CVSS score: 7.7). Users are advised to update to the latest version to safeguard against potential threats.
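As an added example that is not part of the original article, the following Ruby script reads a Gemfile.lock and reports whether the pinned ruby-saml version falls inside the affected ranges listed above; the lockfile excerpt is constructed for illustration.

```ruby
require "rubygems"

# Affected version ranges for CVE-2025-25291 / CVE-2025-25292 as listed in the
# advisory (fixed in 1.12.4 and 1.18.0). CVE-2025-25293 shares the same fix versions.
AFFECTED_RANGES = [
  Gem::Requirement.new("< 1.12.4"),
  Gem::Requirement.new(">= 1.13.0", "< 1.18.0"),
].freeze

# Returns true if the given ruby-saml version string falls in an affected range.
def ruby_saml_vulnerable?(version_string)
  version = Gem::Version.new(version_string)
  AFFECTED_RANGES.any? { |req| req.satisfied_by?(version) }
end

# Extracts the resolved ruby-saml version from Gemfile.lock text. Resolved gems
# sit under "specs:" indented by exactly four spaces ("    ruby-saml (1.17.0)");
# dependency lines nested under other gems are indented further and are skipped.
# Returns nil if ruby-saml is not present.
def ruby_saml_version_from_lockfile(lockfile_text)
  match = lockfile_text.match(/^ {4}ruby-saml \(([^)]+)\)/)
  match && match[1]
end

# Assessment of one lockfile: :vulnerable, :fixed, or :not_present
def assess_lockfile(lockfile_text)
  version = ruby_saml_version_from_lockfile(lockfile_text)
  return :not_present unless version
  ruby_saml_vulnerable?(version) ? :vulnerable : :fixed
end

# Constructed sample lockfile excerpt (not taken from any real project)
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.16.0)
      rexml (3.3.9)
      ruby-saml (1.17.0)
LOCK

if __FILE__ == $0
  path = ARGV[0]
  text = path ? File.read(path) : SAMPLE_LOCKFILE
  puts "ruby-saml status: #{assess_lockfile(text)}"
end
```

Run it with a path to a real Gemfile.lock to check a project; without arguments it assesses the constructed sample.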
The findings come almost six months after CVE-2024-45409 (CVSS score: 10.0), which could also lead to an authentication bypass.