ldapauth-fork@2.2.6 vulnerabilities

Authenticate against an LDAP server

Direct Vulnerabilities

Known vulnerabilities in the ldapauth-fork package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
LDAP Injection

ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection through the username parameter.

Source: Node Security Project

How to fix LDAP Injection?

Upgrade to ldapauth-fork 2.3.3 or greater.

<2.3.3
  • M
LDAP Injection

ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection through the username parameter.

Source: Node Security Project

How to fix LDAP Injection?

Upgrade to ldapauth-fork 2.3.3 or greater.

<2.3.3