VYPR

npm package

express-restify-mongoose

pkg:npm/express-restify-mongoose

Vulnerabilities (1)

  • CVE-2016-10533HigMay 31, 2018
    affected >= 3.0.0, < 3.1.0fixed 3.1.0

    express-restify-mongoose is a module to easily create a flexible REST interface for mongoose models. express-restify-mongoose 2.4.2 and earlier and 3.0.X through 3.0.1 allows a malicious user to send a request for `GET /User?distinct=password` and get all the passwords for all th