RubySec

Providing security resources for the Ruby community

CVE-2015-20108 (ruby-saml): ruby-saml gem is vulnerable to XPath injection

ADVISORIES

GEM

ruby-saml

SEVERITY

CVSS v3.x: 9.8 (Critical)

CVSS v2.0: 6.7 (Medium)

PATCHED VERSIONS

  • >= 1.0.0

DESCRIPTION

xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used.

The lack of prepared statements allows for possibly command injection, leading to arbitrary code execution.

RELATED