Omniauth Saml Omniauth Saml

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Omniauth Saml.

By the Year

In 2025 there have been 0 vulnerabilities in Omniauth Saml. Last year, in 2024 Omniauth Saml had 1 security vulnerability published. Right now, Omniauth Saml is on track to have less security vulnerabilities in 2025 than it did last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 1 9.80
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 9.80
2018 0 0.00

It may take a day or so for new Omniauth Saml vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Omniauth Saml Security Vulnerabilities

The Ruby SAML library is for implementing the client side of a SAML authorization

CVE-2024-45409 9.8 - Critical - September 10, 2024

The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3.

Improper Verification of Cryptographic Signature

OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way

CVE-2017-11430 9.8 - Critical - April 17, 2019

OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.

authentification

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Omniauth Saml or by Omniauth? Click the Watch button to subscribe.

Omniauth
Vendor

Omniauth Saml
Product

subscribe