paypal-ipn@2.1.0 vulnerabilities
Package for verifying Paypal IPN messages
-
latest version
3.0.0
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
9 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the paypal-ipn package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
paypal-ipn uses the "With a bit of time, an attacker could craft a request using the simulator that would fool any application which does not explicitly check for test_ipn in production." [1] Source: Node Security Project How to fix Validation Bypass? Upgrade to version 3.0.0 or greater. |
<3.0.0
|
paypal-ipn uses the "With a bit of time, an attacker could craft a request using the simulator that would fool any application which does not explicitly check for test_ipn in production." [1] Source: Node Security Project How to fix Validation Bypass? Upgrade to version 3.0.0 or greater. |
<3.0.0
|