Any service using xml-crypto or a Node.js SAML implementation using it, should update immediately to the latest version. WorkOS customers are safe and were not impacted.
