What is CVE-2025-54572?

CVE-2025-54572 is a vulnerability in Saml-toolkits Ruby-saml, classified under Uncontrolled Resource Consumption. Published 2025-07-30.

Is CVE-2025-54572 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Resource exhaustion in Saml-toolkits Ruby-saml

CVE-2025-54572

The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the message_max_bytesize setting configured. The vulnerability…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.004 (27.5th percentile) — read the EPSS interpretation.

Affected products

Saml-toolkits Ruby-saml — versions < 1.18.1

Weakness classification (CWE)

Public proof-of-concept exploits

References

https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-rrqh-93c8-j966 (x_refsource_CONFIRM)
https://github.com/SAML-Toolkits/ruby-saml/pull/770 (x_refsource_MISC)
https://github.com/SAML-Toolkits/ruby-saml/commit/38ef5dd1ce17514e202431f569c4f5633e6c2709 (x_refsource_MISC)
https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.1 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-54572?: CVE-2025-54572 is a vulnerability in Saml-toolkits Ruby-saml, classified under Uncontrolled Resource Consumption. Published 2025-07-30.
Is CVE-2025-54572 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.