npm package
client-certificate-auth
pkg:npm/client-certificate-auth
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25651 | — | >= 0.2.1, < 1.0.0 | 1.0.0 | Feb 6, 2026 | client-certificate-auth is middleware for Node.js implementing client SSL certificate authentication/authorization. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain an open redirect vulnerability. The middleware unconditionally redirects HTTP requests to HTTPS using th |
- CVE-2026-25651Feb 6, 2026affected >= 0.2.1, < 1.0.0fixed 1.0.0
client-certificate-auth is middleware for Node.js implementing client SSL certificate authentication/authorization. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain an open redirect vulnerability. The middleware unconditionally redirects HTTP requests to HTTPS using th