Vulnerabilities	1 via 1 paths
Dependencies	32
Source	GitHub
Commit	master

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications

Severity

Critical
High
Medium
1
Low

Status

Open
1
Patched
0
Ignored
0

medium severity

Session Fixation

Vulnerable module: passport
Introduced through: passport@0.4.1

Detailed paths

Introduced through: komapi-passport@komapijs/komapi-passport#master › passport@0.4.1

Remediation: Upgrade to passport@0.6.0.

Overview

passport is a Simple, unobtrusive authentication for Node.js.

Affected versions of this package are vulnerable to Session Fixation. When a user logs in or logs out, the session is regenerated instead of being closed.

Remediation

Upgrade passport to version 0.6.0 or higher.

References

GitHub Commit
GitHub PR

Session Fixation vulnerability report

Vulnerabilities

Dependencies

Source