ADVISORIES
- OSVDB-117903
GEM
PATCHED VERSIONS
- >= 0.8.2
DESCRIPTION
ruby-saml contains a flaw that is triggered because the URI value of a SAML response is not properly sanitized through a prepared statement. This may allow a remote attacker to execute arbitrary shell commands on the host machine.