auth0 / node-samlp

SAML Protocol support for node (only IdP for now)
MIT License
136 stars 117 forks source link

Request for upgrading the ejs package to the patched version 3.1.10 #146

Open rebekadekany opened 7 months ago

rebekadekany commented 7 months ago

Description

The ejs package before 3.1.10 for Node.js lacks certain pollution protection. See: https://github.com/advisories/GHSA-ghr5-ch3p-vcr6

Solution: bump 3.1.8 version to 3.1.10