samlstorm

[phoebstr]

Please do not report security vulnerabilities here. The Responsible Disclosure Program details the procedure for disclosing security issues.

I do not consider this an app-specific vulnerability, as it pertains to a dependency that merely requires an update for maintenance purposes. If my assessment is incorrect, I apologize.

Description

• "xml-crypto" < "2.1.6" has severe vulnerability and needs to be patched
  https://workos.com/blog/samlstorm