basic-auth-connect@1.0.0 vulnerabilities
Basic auth middleware for node and connect
-
latest version
1.1.0
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
a month ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the basic-auth-connect package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
basic-auth-connect is a Basic auth middleware for node and connect Affected versions of this package are vulnerable to Observable Timing Discrepancy due to the use of a timing-unsafe equality comparison. An attacker can infer sensitive data. How to fix Observable Timing Discrepancy? Upgrade |
<1.1.0
|