auth0 / node-samlp

SAML Protocol support for node (only IdP for now)
MIT License
136 stars 117 forks source link

Fix: Update saml and ejs dependencies #132

Closed madhuriravindramohan-okta closed 2 years ago

madhuriravindramohan-okta commented 2 years ago

Description

  1. Updating the saml dependency to address CVE-2021-43138 and CVE-2022-24785.
  2. Updating the ejs dependency to address CVE-2022-29078

References

https://nvd.nist.gov/vuln/detail/CVE-2021-43138 https://nvd.nist.gov/vuln/detail/CVE-2022-24785 https://nvd.nist.gov/vuln/detail/CVE-2022-29078

Testing

Verfied with npm run test

Checklist