@digitalbazaar/zcap@7.1.0 vulnerabilities
Authorization Capabilities reference implementation.
-
latest version
9.0.1
-
latest non vulnerable version
-
first published
3 years ago
-
latest version published
8 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @digitalbazaar/zcap package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@digitalbazaar/zcap is an Authorization Capabilities reference implementation. Affected versions of this package are vulnerable to Insufficient Session Expiration due to incomplete expiration checks in capability chains. When invoking a capability with a chain depth of 2, i.e., it is delegated directly from the root capability, the How to fix Insufficient Session Expiration? Upgrade |
<9.0.1
|