nforce@0.4.4 vulnerabilities

nforce is a REST API wrapper for force.com, database.com, and salesforce.com

Direct Vulnerabilities

Known vulnerabilities in the nforce package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Information Exposure

nforce is a REST API wrapper for force.com, database.com, and salesforce.com. Affected versions of the package leak the client_secret variable.

How to fix Information Exposure?

Upgrade nforce to version 0.6.1 or higher.

<0.6.1