{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T08:48:15.849","vulnerabilities":[{"cve":{"id":"CVE-2025-25293","sourceIdentifier":"security-advisories@github.com","published":"2025-03-12T21:15:42.363","lastModified":"2025-11-03T20:17:59.253","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Prior to versions 1.12.4 and 1.18.0, ruby-saml is susceptible to remote Denial of Service (DoS) with compressed SAML responses. ruby-saml uses zlib to decompress SAML responses in case they're compressed. It is possible to bypass the message size check with a compressed assertion since the message size is checked before inflation and not after. This issue may lead to remote Denial of Service (DoS). Versions 1.12.4 and 1.18.0 fix the issue."},{"lang":"es","value":"ruby-saml proporciona inicio de sesión único (SSO) con lenguaje de marcado para aserciones de seguridad (SAML) para Ruby. En versiones anteriores a la 1.12.4 y la 1.18.0, ruby-saml era susceptible a ataques de denegación de servicio (DoS) remotos con respuestas SAML comprimidas. ruby-saml utiliza zlib para descomprimir las respuestas SAML en caso de que estén comprimidas. Es posible omitir la comprobación del tamaño del mensaje con una aserción comprimida, ya que el tamaño del mensaje se comprueba antes del inflado, no después. Este problema puede provocar ataques de denegación de servicio (DoS) remotos. Las versiones 1.12.4 y 1.18.0 solucionan el problema."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*","versionEndExcluding":"1.10.6","matchCriteriaId":"AB57A4CB-E546-42D7-AB8D-D86E979C80C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.1.3","matchCriteriaId":"58E37D56-71A9-417D-B0DD-EBDC2EA3855F"},{"vulnerable":true,"criteria":"cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*","versionStartIncluding":"2.2.0","versionEndExcluding":"2.2.3","matchCriteriaId":"9549FF35-D7A0-446A-87C8-552C8D89CD92"},{"vulnerable":true,"criteria":"cpe:2.3:a:onelogin:ruby-saml:*:*:*:*:*:*:*:*","versionEndExcluding":"1.12.4","matchCriteriaId":"EB0F9A57-0F32-4ECC-97B4-1F87DD7D7FD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:onelogin:ruby-saml:*:*:*:*:*:*:*:*","versionStartIncluding":"1.13.0","versionEndExcluding":"1.18.0","matchCriteriaId":"455E8699-D6C2-4BFF-B4FD-2329E0F1E910"}]}]}],"references":[{"url":"https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/SAML-Toolkits/ruby-saml/commit/acac9e9cc0b9a507882c614f25d41f8b47be349a","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/SAML-Toolkits/ruby-saml/commit/e2da4c6dae7dc01a4d9cd221395140a67e2b3eb1","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-92rq-c8cf-prrq","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://securitylab.github.com/advisories/GHSL-2024-355_ruby-saml","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20250314-0008/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}