CVE-2025-25292

Publication date 12 March 2025

Last updated 3 April 2025

Ubuntu priority

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 contain a patch for the issue.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ruby-saml	24.10 oracular	Fixed 1.15.0-1ubuntu0.24.10.2
	24.04 LTS noble	Fixed 1.15.0-1ubuntu0.24.04.1+esm1 Ubuntu Pro
	22.04 LTS jammy	Fixed 1.13.0-1ubuntu0.1+esm1 Ubuntu Pro
	20.04 LTS focal	Fixed 1.11.0-1ubuntu0.1+esm1 Ubuntu Pro
	18.04 LTS bionic	Fixed 1.7.2-1ubuntu0.1~esm2 Ubuntu Pro
	16.04 LTS xenial	Ignored risks regression

Get expanded security coverage with Ubuntu Pro

Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.

Get Ubuntu Pro

Notes

juliaphoebe

The backport involves introducing infrastructure for the idp_multi_cert mechanism, which touches enough files that the backport is unnecessarily risky.

References

Related Ubuntu Security Notices (USN)