---
gem: ruby-saml
osvdb: 124383
url: https://github.com/onelogin/ruby-saml/pull/247
title: Ruby-Saml Gem is vulnerable to entity expansion attacks
date: 2015-06-30
description: |
  ruby-saml before 1.0.0 is vulnerable to entity expansion attacks.
cvss_v2: 3.9
patched_versions:
  - ">= 1.0.0"