MAL-2025-145976 Malicious code in passport-auth-mongoose-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7d85f744ac10f023e729b0938e368ce262176e72333839512dcd5f6d5f7e510 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123945

Malicious code in passport-auth-mongoose-phoebe npm...

Passport-wsfed-saml2 安全漏洞

Passport-wsfed-saml2 is an Auth0 open source token authentication provider program. A security vulnerability exists in Passport-wsfed-saml2 versions 3.0.5 through 4.6.3 that stems from a SAML authentication flaw that could lead to user impersonation...

CVE-2023-29019

@fastify/passport is a port of passport authentication library for the Fastify ecosystem. Applications using @fastify/passport in affected versions for user authentication, in combination with @fastify/session as the underlying session management mechanism, are vulnerable to session fixation...

Passport-Oauth2 安全漏洞

Passport-Oauth2 is an authentication policy. A security vulnerability exists in Passport-Oauth2 versions prior to 1.6.1, which stems from the fact that the passport-oauth2 package prior to Node.js 1.6.1 incorrectly handles an error condition that fails to obtain an access token. This is exploitab...