Rubysec

Providing security resources for the Ruby community.
Follow us @rubysec or email us via info at rubysec.com

Advisory Archive

Back

---
gem: omniauth-saml
date: 2018-02-27
url: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
cve: 2017-11430
title: omniauth-saml authentication bypass via incorrect XML canonicalization and
  DOM traversal
description: |
  OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the
  results of XML DOM traversal and canonicalization APIs in such a way that an attacker
  may be able to manipulate the SAML data without invalidating the cryptographic signature,
  allowing the attack to potentially bypass authentication to SAML service providers.
cvss_v2: '7.5'
cvss_v3: '9.8'
patched_versions:
- ">= 1.10.0"