Incorrect vulnerability details pysaml2

[Shortfinga]

Vulnerability URL
Provide the URL to the vulnerability. For example:

https://ossindex.sonatype.org/vulnerability/sonatype-2018-0212?component-type=pypi&component-name=pysaml2

Component URL
Provide the URL to the component. For example:

https://ossindex.sonatype.org/component/pkg:pypi/pysaml2@7.2.1

Description
OSS says pkg:pypi/pysaml2@7.2.1 is subject to a XXE vulnerability.
The mentioned Issue: IdentityPython/pysaml2#508 is closed. The used Xmlsec library disables XXE by default since version 1.2.24. You must now explicitly set the --xxe flag to enable this. pysaml2 does nowhere set this flag.

[ken-duck]

Thank you for your report. We are migrating to a new email-based reporting system in order to better mesh with our internal processes, which will allow us to be more reactive to our users. I have moved your request to the internal tracking system and the research team will look into the issue shortly.

If you notice further issues or would like to follow up on this one, please email ossindex@sonatype.org