EUVD-2019-0315

Malware in sbrugna...

GHSA-MG8R-9G6J-HWV9 Authentication Bypass in hapi-auth-jwt2

Versions of hapi-auth-jwt2 prior to version 5.1.2 are affected by a complete authentication bypass vulnerability when in the try authentication mode. Recommendation Update to version 5.1.2 or later...

Authentication Bypass in hapi-auth-jwt2

Versions of hapi-auth-jwt2 prior to version 5.1.2 are affected by a complete authentication bypass vulnerability when in the try authentication mode. Recommendation Update to version 5.1.2 or later...

Unspecified vulnerability in hapi-auth-jwt2

hapi-auth-jwt2 is a module that supports authentication using JSON Web Tokens JWT in Hapi.js web applications. A security vulnerability exists in hapi-auth-jwt2 version 5.1.1. An attacker can exploit the vulnerability to bypass authentication...

CVE-2016-10525

Affects hapi-auth-jwt2 prior to 5.1.2: in try authentication mode, an authentication bypass vulnerability exists, enabling bypass of auth checks. Impact described as complete bypass with high severity; fix is to upgrade to 5.1.2 or later. Documents from GHSA and npm advisory confirm vulnerability...

Authentication Bypass

Overview Versions of hapi-auth-jwt2 prior to version 5.1.2 are affected by a complete authentication bypass vulnerability when in the try authentication mode. Recommendation Update to version 5.1.2 or later. References - Issue 111 - PR 112 - GitHub Advisory...