Skip to content
This repository was archived by the owner on Jul 3, 2026. It is now read-only.
This repository was archived by the owner on Jul 3, 2026. It is now read-only.

Found Vulnerability ' Improper Input Validation ' and ' Prototype Pollution ' on Synk.io #125

Description

@kanxoramesh

BUG

Synk.io is reporting Vulnerability for this library, One of the dependence library saml@1.0.0 uses xmldom which has Vulnerability.
and also Arbitrary Code Injection from package ejs@3.1.6

Solution: update dependence library saml@1.0.0 to 1.0.1 which is using the latest version of xmldom@0.7.4 and also update ejs@2.5.5 to ejs@3.1.6

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions