npm package
@curveball/a12n-server
pkg:npm/%40curveball/a12n-server
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-29452 | — | >= 0.18.0, < 0.18.2 | 0.18.2 | Apr 16, 2021 | a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged i |
- CVE-2021-29452Apr 16, 2021affected >= 0.18.0, < 0.18.2fixed 0.18.2
a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged i