ruby-saml 1.18.0

1.18.0 (Mar 12, 2025)

on Ruby Gems

1.18.0 (Mar 12, 2025)

• #750 Fix vulnerabilities: CVE-2025-25291, CVE-2025-25292: SAML authentication bypass via Signature Wrapping attack allowed due parser differential. Fix vulnerability: CVE-2025-25293: Potential DOS abusing of compressed messages.
• #718 Add support to retrieve from SAMLResponse the AuthnInstant and AuthnContextClassRef values
• #720 Fix ambiguous regex warnings
• #715 Fix typo in SPNameQualifier error text