ruby-saml 1.10.0 | Vulnerabilities | Sonatype Guide
Published: Mar 21, 2019
Versions: 89
Vulnerabilities: 7
Dependencies: 0
CVE-2025-54572 (CVSS score: 6.9)
The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the message_max_bytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64 format prior to checking the message size, leading to potential resource exhaustion. This is fixed in version 1.18.1.
Status: affected
Severity: Medium
Published: Jul 30, 2025