VYPR

@fastify/passport

by Fastify

Source repositories

CVEs (2)

  • CVE-2023-29020Apr 21, 2023
    risk 0.00cvss epss 0.00

    @fastify/passport is a port of passport authentication library for the Fastify ecosystem. The CSRF (Cross-Site Request Forger) protection enforced by the `@fastify/csrf-protection` library, when combined with `@fastify/passport` in affected versions, can be bypassed by network…

  • CVE-2023-29019Apr 21, 2023
    risk 0.00cvss epss 0.01

    @fastify/passport is a port of passport authentication library for the Fastify ecosystem. Applications using `@fastify/passport` in affected versions for user authentication, in combination with `@fastify/session` as the underlying session management mechanism, are vulnerable to…