yapi@v1.1.1 vulnerabilities

Python Youtube Data API v3

Direct Vulnerabilities

Known vulnerabilities in the yapi package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Insecure Randomness

yapi is a Python Youtube Data API v3

Affected versions of this package are vulnerable to Insecure Randomness. Weak JSON Web Token (JWT) signing secret generation in YMFE YApi allows recreation of other users' JWT tokens. This occurs because Math.random in Node.js is used.

How to fix Insecure Randomness?

There is no fixed version for yapi.

[0,)