2.3.0
6 years ago
27 days ago
Known vulnerabilities in the @acastellon/auth package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
@acastellon/auth is an Authorization Filtering for NodeJS Express Application (NTLM + LDAP + JWT + AWS Cognito + Azure AD/Entra ID + OIDC providers + SAML + env var secrets) Affected versions of this package are vulnerable to User Impersonation via the How to fix User Impersonation? Upgrade | <2.3.0 |