npm package
hapi-auth-jwt2
pkg:npm/hapi-auth-jwt2
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-10525 | Cri | 9.8 | >= 5.1.1, < 5.1.2 | 5.1.2 | May 29, 2018 | When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication. |
- affected >= 5.1.1, < 5.1.2fixed 5.1.2
When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication.