Omniauth saml
This hub aggregates every CVE we track for Omniauth saml, a product in the OSS libraries space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 5
- Critical: 3
- High: 2
- In CISA KEV: 0
Severity distribution
Critical: 3, High: 2
Monthly trend
2024-07 to 2026-06: 0, 0, 1, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
Latest CVEs
The 5 most recently published vulnerabilities affecting Omniauth saml.
- CVE-2025-25292 (9.8): Ruby SAML vulnerable to SAML authentication bypass due to namespace handling (parser differential)
- CVE-2025-25291 (9.8): ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)
- CVE-2025-25293 (7.5): ruby-saml vulnerable to Remote Denial of Service (DoS) with compressed SAML responses
- CVE-2024-45409 (10.0): The Ruby SAML library vulnerable to a SAML authentication bypass via Incorrect XPath selector
- CVE-2017-11430 (7.7): Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal
Product normalization is registry-driven with AI assist and human review.