VYPR

npm package

node-krb5

pkg:npm/node-krb5

Vulnerabilities (1)

  • CVE-2016-1000238medSep 1, 2020
    affected >= 0.0.0

    Affected versions of `node-krb5` do not validate the KDC prior to authenticating, which might allow an attacker with network access and enough time to spoof the KDC and impersonate a valid user without knowing their credentials. ## Recommendation It appears that this will rema