CVE-2024-45409

The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3.

Published: Sep 10, 2024
Updated: May 4, 2025
CVE: CVE-2024-45409
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-347

Affected Software
References

Software	From	Fixed in
onelogin / ruby-saml	1.13.0	1.17.0
onelogin / ruby-saml	-	1.12.3
omniauth / omniauth_saml	-	1.10.3.x
omniauth / omniauth_saml	2.1.0	2.1.0.x
omniauth / omniauth_saml	2.0.0	2.0.0.x
gitlab / gitlab	17.3.0	17.3.3
gitlab / gitlab	17.2.0	17.2.7
gitlab / gitlab	17.1.0	17.1.8
gitlab / gitlab	17.0.0	17.0.8
gitlab / gitlab	-	16.11.10

Vulnerability Database

289,697

CVE-2024-45409