PT-2025-11127 · Ruby-Saml+3

Ahacker1 +1 · Published 2025-03-12 · Updated 2025-09-26 · CVE-2025-25291

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

ruby-saml versions prior to 1.12.4 and 1.18.0

Description

An authentication bypass vulnerability was found in ruby-saml due to a parser differential. REXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. This allows an attacker to execute a Signature Wrapping attack, which may lead to authentication bypass.

Recommendations

To resolve the issue, update ruby-saml to version 1.12.4 or 1.18.0, or later. As a temporary workaround, consider disabling the checkPassword() function or restricting access to the vulnerable ruby-saml module until a patch is available. Avoid using the SAMLResponse parameter in the affected API endpoint until the issue is resolved.
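To confirm whether a Bundler-managed application resolves to an affected ruby-saml release, the check below reads Gemfile.lock text and reports the resolved version and which gems pull it in. It is an added example, not code from ruby-saml or from this advisory; the helper names, the sample lockfile and the reading of "prior to 1.12.4 and 1.18.0" as two fixed release lines are assumptions.

```ruby
require "rubygems"

FIXED_LEGACY  = Gem::Version.new("1.12.4") # fixed releases named in the advisory
FIXED_CURRENT = Gem::Version.new("1.18.0")

# Assumption: 1.12.4 is a backport, so only 1.12.x at or above it is patched;
# every other release below 1.18.0 is treated as affected.
def ruby_saml_affected?(version)
  v = Gem::Version.new(version)
  return false if v >= FIXED_CURRENT
  !(v.segments[0, 2] == [1, 12] && v >= FIXED_LEGACY)
end

# Reads Gemfile.lock text: resolved gems sit at 4 spaces of indent, their
# dependencies at 6, which shows which gems pull ruby-saml in transitively.
def audit_lockfile(text)
  resolved = nil
  current = nil
  parents = []
  text.each_line do |line|
    if (m = line.match(/\A {4}(\S+) \(([^)]+)\)\s*\z/))
      current = m[1]
      resolved = m[2] if current == "ruby-saml"
    elsif line.match?(/\A {6}ruby-saml(\s|\z)/)
      parents << current
    end
  end
  return { present: false } if resolved.nil?
  { present: true, version: resolved,
    affected: ruby_saml_affected?(resolved), required_by: parents.compact.uniq }
end

# Constructed sample lockfile; example-sso-gem is a hypothetical gem and all
# version numbers are illustrative.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      example-sso-gem (2.1.0)
        ruby-saml (~> 1.12)
      nokogiri (1.16.7)
      rexml (3.3.9)
      ruby-saml (1.17.0)
        nokogiri (>= 1.13.10)
        rexml
LOCK

puts audit_lockfile(SAMPLE_LOCK).inspect if __FILE__ == $PROGRAM_NAME
```

The `required_by` list matters when ruby-saml is only a transitive dependency: the parent gem's version constraint may need to change before the fixed release can be resolved.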

Exploit

Fix

DoS

Improper Verification of Cryptographic Signature

Weakness Enumeration

Related Identifiers

BDU:2025-02818
BIT-GITLAB-2025-25291
CVE-2025-25291
DLA-4115-1
GHSA-4VC4-M8QH-G8JM
GHSA-HW46-3HMR-X9XV
USN-7409-1

Affected Products

Debian
Linuxmint
Ubuntu
Ruby-Saml