ruby-saml · CVE-2025-25291
**Name of the Vulnerable Software and Affected Versions**
ruby-saml versions before 1.12.4, and versions from 1.13.0 up to but not including 1.18.0. The two fixed releases are 1.12.4 (for the 1.12 line) and 1.18.0.
**Description**
An authentication bypass vulnerability was found in ruby-saml due to a parser differential. The library processed incoming SAML messages with two XML parsers, REXML and Nokogiri, and the two can build entirely different document structures from the same XML input. An attacker can therefore craft a response in which the element whose digest and signature are verified under one parser's view is not the element from which the application later reads the asserted identity under the other parser's view. This is a Signature Wrapping attack and it can lead to authentication bypass: an attacker who holds one message genuinely signed by the IdP (for example, a response issued for their own account) can forge an assertion for any other user of the application that consumes it.
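The attack class described above, as an added example that is not ruby-saml's code and does not reproduce the REXML/Nokogiri differential itself (the page gives no details of it). It models the effect of such a differential with a single parser (REXML): the verifier checks one element and then reads the identity from another. Everything here is an assumption of the example: the stand-in `IDP_KEY`, the minimal SAML-like messages, the `build_signed_response`, `wrap_response`, `naive_authenticate` and `hardened_authenticate` functions, the `Extensions` wrapper element, and a deliberately simplified signature scheme in which the digest covers REXML's serialization of the element (real XML-DSig canonicalizes) and the signature covers the digest directly.

```ruby
require "rexml/document"
require "openssl"

# Constructed stand-in for the IdP's signing key (generated on the fly, not a real key).
IDP_KEY = OpenSSL::PKey::RSA.new(2048)

# Serialization used on both sides. Simplification (assumption): the digest is taken
# over REXML's serialization of the element; real XML-DSig uses exclusive C14N.
def serialize(element)
  element.to_s
end

# "IdP" side: emit a minimal SAML-like Response carrying one signed Assertion.
# Simplification: SignatureValue signs the DigestValue directly, not a SignedInfo block.
def build_signed_response(name_id, assertion_id)
  assertion = REXML::Document.new(
    %(<Assertion ID="#{assertion_id}"><Subject><NameID>#{name_id}</NameID></Subject></Assertion>)
  ).root
  canon = serialize(assertion)
  digest = [OpenSSL::Digest::SHA256.digest(canon)].pack("m0")
  sig = [IDP_KEY.sign(OpenSSL::Digest.new("SHA256"), digest)].pack("m0")
  "<Response>#{canon}<Signature><Reference URI=\"##{assertion_id}\">" \
    "<DigestValue>#{digest}</DigestValue></Reference>" \
    "<SignatureValue>#{sig}</SignatureValue></Signature></Response>"
end

# Attacker side: classic XML Signature Wrapping. Keep the genuinely signed assertion
# intact (so Reference, digest and signature still verify) but move it under an
# unexpected element, and place an unsigned assertion with a chosen identity where
# a naive consumer looks first.
def wrap_response(signed_xml, forged_name_id)
  doc = REXML::Document.new(signed_xml)
  signed = REXML::XPath.first(doc, "/Response/Assertion")
  signature = REXML::XPath.first(doc, "/Response/Signature")
  forged = %(<Assertion ID="forged"><Subject><NameID>#{forged_name_id}</NameID></Subject></Assertion>)
  "<Response>#{forged}<Extensions>#{serialize(signed)}</Extensions>#{serialize(signature)}</Response>"
end

# Shared check: locate the element the Signature refers to, verify its digest and
# the signature, and return that element object (nil on any failure).
def verified_element(doc)
  ref = REXML::XPath.first(doc, "//Signature/Reference")
  return nil unless ref
  id = ref.attributes["URI"].to_s.delete_prefix("#")
  candidates = REXML::XPath.match(doc, "//*[@ID]").select { |e| e.attributes["ID"] == id }
  return nil unless candidates.size == 1 # a duplicated ID is a wrapping tell
  elem = candidates.first
  expected_digest = ref.elements["DigestValue"].text.to_s
  actual_digest = [OpenSSL::Digest::SHA256.digest(serialize(elem))].pack("m0")
  return nil unless expected_digest == actual_digest
  sig = REXML::XPath.first(doc, "//Signature/SignatureValue").text.to_s.unpack1("m0")
  return nil unless IDP_KEY.public_key.verify(OpenSSL::Digest.new("SHA256"), sig, expected_digest)
  elem
end

# Vulnerable pattern: verify, then re-query the document for the identity. Re-querying
# is exactly what a parser differential turns into a bypass: the element that was
# hashed and the element that is read need not be the same node.
def naive_authenticate(xml)
  doc = REXML::Document.new(xml)
  return nil unless verified_element(doc)
  REXML::XPath.first(doc, "//Assertion/Subject/NameID")&.text
end

# Hardened pattern: one parser and one parse, no DTD, the identity is read only from
# the verified node, and that node must sit where the protocol expects a signed
# assertion (a direct child of the Response).
def hardened_authenticate(xml)
  doc = REXML::Document.new(xml)
  return nil if doc.doctype # DOCTYPE/entity declarations have no place in a SAML message
  elem = verified_element(doc)
  return nil unless elem && elem.name == "Assertion" && elem.parent.equal?(doc.root)
  REXML::XPath.first(elem, "./Subject/NameID")&.text
end

if __FILE__ == $0
  legit = build_signed_response("attacker@example.com", "a1")
  wrapped = wrap_response(legit, "admin@example.com")
  puts "naive, legit:      #{naive_authenticate(legit).inspect}"
  puts "naive, wrapped:    #{naive_authenticate(wrapped).inspect}"    # forged identity accepted
  puts "hardened, legit:   #{hardened_authenticate(legit).inspect}"
  puts "hardened, wrapped: #{hardened_authenticate(wrapped).inspect}" # rejected
end
```

The signature on the wrapped message is still valid, which is the point: no cryptographic check fails, the consumer simply trusts a node it never verified. A verifier that keeps the verified node object and derives every security decision from it (and refuses DTDs, duplicate IDs and signed elements in unexpected positions) is immune to this whether the second view comes from a re-query or from a second parser.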
**Recommendations**
To resolve the issue, update ruby-saml to version 1.12.4 or 1.18.0, or later. If ruby-saml is pulled in indirectly (for example through omniauth-saml or another SSO library), update that gem as well and confirm in Gemfile.lock that the resolved ruby-saml version is a fixed one; a patched wrapper with a stale lockfile still ships the vulnerable parser path.
Exploitation requires a message genuinely signed by your IdP, which any user with an account at that IdP can obtain for themselves, so the trust placed in the IdP is not a mitigation and the update should not be deferred on that basis.
If the update cannot be applied immediately, the only effective interim measure is to disable SAML login for the application, that is, stop accepting `SAMLResponse` at the Assertion Consumer Service endpoint, since that endpoint is where the crafted message is delivered. There is no configuration option in ruby-saml that turns the affected code path off.