vulnerability

Debian: CVE-2025-54572: ruby-saml -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Aug 1, 2025	Aug 1, 2025	Jan 16, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Aug 1, 2025

Added

Aug 1, 2025

Modified

Jan 16, 2026

Description

The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the message_max_bytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64 format prior to checking the message size, leading to potential resource exhaustion. This is fixed in version 1.18.1.

Solutions

debian-upgrade-ruby-samlno-fix-debian-deb-package

References

CVE-2025-54572
https://attackerkb.com/topics/CVE-2025-54572
CWE-400
CWE-770
DEBIAN-DLA-4288-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today