Launchpad.net

CVE 2016-5697

Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors.

See the CVE page on Mitre.org for more details.

References