Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
(github.blog)
from tedu@inks.tedunangst.com to inks@inks.tedunangst.com on 15 Mar 19:37
https://inks.tedunangst.com/l/5195
Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. In this blog post, we’ll shed light on how these vulnerabilities that rely on a parser differential were uncovered.
As shown once again: relying on two different parsers in a security context can be tricky and error-prone.