Ruby-SAML Authentication Bypass

CRITICAL (9.1)

Threat Intelligence

Medium Risk - Detectable
EPSS Score: 0.05% chance of exploitation (percentile: 16%)
🔍 Detection Tools: OSV.dev
⚔️ Exploit Availability: No public exploits found


What is it?

The ruby-saml library is a Ruby implementation of the SAML (Security Assertion Markup Language) protocol for authentication. It is used to implement client-side SAML authorization, allowing users to access protected resources without sharing credentials. However, because the fix for CVE-2025-25292 was incomplete, the library still contains an authentication bypass vulnerability.

Am I affected?

You're affected if you use ruby-saml. The advisory does not state specific affected versions. If you don't recognise this software, you're probably not affected.

Affected Packages

maven: org.saml-toolkits/ruby-saml

How to fix

To fix this issue, upgrade to ruby-saml version 1.18.0 or later. You can do this by:

  • Updating your Maven dependency in pom.xml:

        <dependency>
            <groupId>org.saml-toolkits</groupId>
            <artifactId>ruby-saml</artifactId>
            <version>1.18.0</version>
        </dependency>

  • Using the GitHub patch link: https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97
  • Applying immediate mitigations:
      • Restrict network access to your ruby-saml instance (firewall it from the public internet)
      • Audit admin account activity for suspicious access patterns
      • Monitor for unauthorized token creation
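Because the advisory gives a fixed release (1.18.0) but no explicit affected range, a practical "am I affected?" check is to read the resolved ruby-saml version out of each application's Gemfile.lock and compare it against that release. The following is an added example written for this page, not code from the advisory or from the ruby-saml project; it assumes that any version below 1.18.0 is affected, and the lockfile fragments it parses are constructed samples.

```ruby
# Added example: flag a Gemfile.lock whose resolved ruby-saml version is
# below the fixed release named in the advisory (1.18.0). Assumption: every
# version below 1.18.0 is treated as affected, since no range is stated.
require "rubygems"

FIXED_VERSION = Gem::Version.new("1.18.0")

# Extract the resolved ruby-saml version from Gemfile.lock text. Resolved gems
# appear under "specs:" as "    name (version)" (four spaces); their
# dependencies are indented further and carry constraints such as ">= 1.2",
# so anchoring on four spaces and a bare numeric version avoids them.
def ruby_saml_version(lockfile_text)
  m = lockfile_text.match(/^ {4}ruby-saml \(([0-9][^)]*)\)$/)
  m && Gem::Version.new(m[1])
end

# Returns :not_present, :affected or :fixed for the given lockfile text.
def ruby_saml_status(lockfile_text)
  version = ruby_saml_version(lockfile_text)
  return :not_present if version.nil?
  version < FIXED_VERSION ? :affected : :fixed
end

# Constructed sample lockfile (not taken from any real project).
VULNERABLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.16.5-x86_64-linux)
      ruby-saml (1.17.0)
        nokogiri (>= 1.13.10)
        rexml
LOCK

# Same sample after upgrading to the fixed release.
PATCHED_LOCK = VULNERABLE_LOCK.sub("ruby-saml (1.17.0)", "ruby-saml (1.18.0)")

if __FILE__ == $PROGRAM_NAME
  # Pass a path to a real Gemfile.lock, or run without arguments for the sample.
  text = ARGV[0] ? File.read(ARGV[0]) : VULNERABLE_LOCK
  puts "ruby-saml: #{ruby_saml_status(text)}"
end
```

Run it as `ruby check_ruby_saml.rb path/to/Gemfile.lock` across each application you deploy; a result of :affected means the upgrade above has not yet been applied there.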