VYPR

npm package

pbkdf2

pkg:npm/pbkdf2

Vulnerabilities (2)

  • CVE-2025-6547CriJun 23, 2025
    affected >= 1.0.0, < 3.1.3fixed 3.1.3

    Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation.This issue affects pbkdf2: <=3.1.2.

  • CVE-2025-6545CriJun 23, 2025
    affected >= 3.0.10, < 3.1.3fixed 3.1.3

    Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js. This issue affects pbkdf2: from 3.0.10 through 3.1.2.