Cirrus Identity is aware of the recently reported SimpleSAMLphp security issue designated CVE 202412-01. See the notice:
https://simplesamlphp.org/security/202412-01
Effective the close of business December 2, 2024 (Pacific Time) all Cirrus Identity systems have been patched to protect against this vulnerability.