2 matches found
CVE-2016-10525
When attempting to allow authentication mode try in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication...
CVE-2016-10525
Affects hapi-auth-jwt2 prior to 5.1.2: in try authentication mode, an authentication bypass vulnerability exists, enabling bypass of auth checks. Impact described as complete bypass with high severity; fix is to upgrade to 5.1.2 or later. Documents from GHSA and npm advisory confirm vulnerability...