The Hacker News2d
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
(CVE-2025-25291, CVE-2025-25292) allow SAML authentication bypass (CVSS 8.8). Update to versions 1.12.4 or 1.18.0 now.
GitLab patches critical authentication bypass vulnerabilities
GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among ...
GitLab has patched a host of worrying security issues
GitLab has patched nine vulnerabilities affecting its Community Edition (CE) and Enterprise Edition (EE) solutions, and urged users to apply the patch immediately. In a security advisory published, ...
Security vulnerabilities: Gitlab developers advise rapid update
According to a warning message, two vulnerabilities (CVE-2025-25291, CVE-2025-25292) are considered “critical”. However, ...
GitHub3d
Ruby SAML allows a SAML authentication bypass due to namespace handling (parser differential)
This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack Vector: This metric reflects the context by which vulnerability ...
The Hacker News3d
Authentication | Breaking Cybersecurity News | The Hacker News
Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication ...
Statetechmagazine8d
SAML: How It Works and How to Implement It
By using SAML, state and local government agencies can streamline identity management, reduce password-related security risks and maintain stronger control over authentication policies across their IT ...