npm package
pbkdf2
pkg:npm/pbkdf2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-6547 | Cri | — | >= 1.0.0, < 3.1.3 | 3.1.3 | Jun 23, 2025 | Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation.This issue affects pbkdf2: <=3.1.2. | |
| CVE-2025-6545 | Cri | — | >= 3.0.10, < 3.1.3 | 3.1.3 | Jun 23, 2025 | Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js. This issue affects pbkdf2: from 3.0.10 through 3.1.2. |
- affected >= 1.0.0, < 3.1.3fixed 3.1.3
Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation.This issue affects pbkdf2: <=3.1.2.
- affected >= 3.0.10, < 3.1.3fixed 3.1.3
Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js. This issue affects pbkdf2: from 3.0.10 through 3.1.2.