CVE-2025-25293 HIGH

CVE-2025-25293: ruby-saml vulnerable to Remote Denial of Service (DoS) with compressed SAML responses

Vendor Saml-Toolkits
Product ruby-saml
Weakness CWE-400
Published March 12, 2025
Last update November 3, 2025

CVSS base score

7.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality impact None
Integrity impact None
Availability impact High

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P

What the vulnerability does

Description

ruby-saml provides Security Assertion Markup Language (SAML) single sign-on (SSO) for Ruby. Prior to versions 1.12.4 and 1.18.0, ruby-saml is susceptible to remote Denial of Service (DoS) with compressed SAML responses. ruby-saml uses zlib to decompress SAML responses when they are compressed. The message size check can be bypassed with a compressed assertion, because the size is checked on the compressed message before inflation rather than on the inflated result. A small compressed payload can therefore expand to a far larger document in memory, which may lead to remote Denial of Service (DoS). Versions 1.12.4 and 1.18.0 fix the issue.
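The check-before-inflate pattern the advisory describes, beside a bounded decoder that rejects the message once the inflated output passes the limit, as an added illustration that is not ruby-saml's own code. `MAX_SAML_BYTES` is a hypothetical limit, and the sample payload is constructed here (a SAML-shaped document padded with compressible filler).

```ruby
require 'zlib'
require 'base64'

# Hypothetical size limit on a SAML message (not ruby-saml's actual constant).
MAX_SAML_BYTES = 250_000

# Constructed sample: a SAML-shaped document padded with highly compressible
# filler, so the deflated form stays tiny while the inflated form is huge.
def build_compressed_sample(filler_bytes)
  xml = "<samlp:Response><saml:Assertion>#{'A' * filler_bytes}" \
        '</saml:Assertion></samlp:Response>'
  Base64.strict_encode64(Zlib::Deflate.deflate(xml, Zlib::BEST_COMPRESSION))
end

# Vulnerable pattern described in the advisory: the limit is enforced on the
# compressed bytes, then the whole payload is inflated without any bound.
def decode_checked_before_inflate(b64)
  raw = Base64.strict_decode64(b64)
  raise ArgumentError, 'message too large' if raw.bytesize > MAX_SAML_BYTES
  Zlib::Inflate.inflate(raw)
end

# Hardened pattern: keep the pre-check, but inflate incrementally and stop as
# soon as the inflated output exceeds the limit, so a small compressed blob
# cannot expand into an arbitrarily large in-memory document.
def decode_bounded_inflate(b64, chunk_size: 256)
  raw = Base64.strict_decode64(b64)
  raise ArgumentError, 'message too large' if raw.bytesize > MAX_SAML_BYTES
  inflater = Zlib::Inflate.new
  out = +''
  offset = 0
  while offset < raw.bytesize
    out << inflater.inflate(raw.byteslice(offset, chunk_size))
    offset += chunk_size
    # Check after every input chunk, so at most one chunk's expansion overshoots.
    raise ArgumentError, 'inflated message too large' if out.bytesize > MAX_SAML_BYTES
  end
  out << inflater.finish
  raise ArgumentError, 'inflated message too large' if out.bytesize > MAX_SAML_BYTES
  out
ensure
  inflater&.close
end
```

With a 1 MB filler the base64 payload is only about a kilobyte, so the pre-inflate check passes while the bounded decoder raises after the second chunk.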

Key dates

Disclosure timeline

March 12, 2025 CVE published
November 3, 2025 Record updated