VYPR

npm package

manifest

pkg:npm/manifest

Vulnerabilities (1)

  • CVE-2025-27408MedFeb 28, 2025
    affected < 4.9.2fixed 4.9.2

    Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the u