# Vercel Firewall protects against the SAMLStorm vulnerability

**Published:** March 18, 2025 | **Authors:** Aaron Brown, Casey Gowrie, Sage Abraham

---

We have deployed a proactive security update to the [Vercel Firewall](https://vercel.com/docs/vercel-firewall), protecting against a recently disclosed vulnerability in the [xml-crypto](https://www.npmjs.com/package/xml-crypto) package, dubbed SAMLStorm ([CVE-2025-29774](https://github.com/node-saml/xml-crypto/security/advisories/GHSA-9p8x-f768-wp2g) and [CVE-2025-29775](https://github.com/node-saml/xml-crypto/security/advisories/GHSA-x3m8-899r-f7c3)). This vulnerability, which affects various SAML implementations, could allow attackers to bypass authentication mechanisms.

### **What This Means for Vercel Customers**

- **Automatic protection with the Vercel Firewall**: Vercel Firewall automatically mitigates this risk for you, but updating xml-crypto is still recommended
- **Update xml-crypto**: If you're using xml-crypto package 6.0.0 and earlier, or a package that depends on xml-crypto, update to 6.0.1, 3.2.1, or 2.1.6 for the patched versions
- We'll continue to monitor for new developments and provide updates as necessary

See the [SAMLStorm report](https://workos.com/blog/samlstorm) for more details on the vulnerability, and reach out to [Vercel Support](https://vercel.com/help) if you have questions.

---

📚 **More updates:** [View all changelog entries](/changelog/sitemap.md) | [Blog](/blog/sitemap.md)