VYPR

npm package

@fastify/oauth2

pkg:npm/%40fastify/oauth2

Vulnerabilities (1)

  • CVE-2023-31999HigJul 4, 2023
    affected < 7.2.0fixed 7.2.0

    All versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all requests for all users. The purpose of the Oauth2 state parameter is to prevent Cross-Site-Request-Forgery attacks. As such, it should be unique per user and shoul