teradactol/authcard:package.json

Company Nodejs Auth Library.

Vulnerabilities

2 via 2 paths

Dependencies

87

Source

GitHub

Commit

dd499096

Find, fix and prevent vulnerabilities in your code.

Severity
  • 2
Status
  • 2
  • 0
  • 0

medium severity

new

Cryptographic Issues

  • Vulnerable module: bcrypt
  • Introduced through: bcrypt@2.0.1

Detailed paths

  • Introduced through: @teradactol/authcard@teradactol/authcard#dd4990969237fc3176330d7389f23426dd3ef7d5 bcrypt@2.0.1
    Remediation: Upgrade to bcrypt@5.0.0.

Overview

bcrypt is an A library to help you hash passwords.

Affected versions of this package are vulnerable to Cryptographic Issues. When hashing a password containing an ASCII NUL character, that character acts as the string terminator. Any following characters are ignored.

Remediation

Upgrade bcrypt to version 5.0.0 or higher.

References

medium severity

new

Insecure Encryption

  • Vulnerable module: bcrypt
  • Introduced through: bcrypt@2.0.1

Detailed paths

  • Introduced through: @teradactol/authcard@teradactol/authcard#dd4990969237fc3176330d7389f23426dd3ef7d5 bcrypt@2.0.1
    Remediation: Upgrade to bcrypt@5.0.0.

Overview

bcrypt is an A library to help you hash passwords.

Affected versions of this package are vulnerable to Insecure Encryption. Data is truncated wrong when its length is greater than 255 bytes.

Remediation

Upgrade bcrypt to version 5.0.0 or higher.

References