4 matches found
EUVD-2022-7124
Malicious code in bioql PyPI...
@3wks/gae-node-nestjs (>=0.1.0 <=6.0.0-rc.0), @aeroline_1025/hapi-corpsso (>=2.1.3 <=2.3.0) +111 more potentially affected by CVE-2025-54419 via passport-saml (>=0.12.0 <=3.2.4)
passport-saml NPM version =0.12.0, =0.1.0, =2.1.3, =0.0.2, =1.0.0, =4.0.0, =0.0.0-nightly-2020972106, =0.0.0-nightly-202201422556, =0.1.0, =0.1.0, =0.4.0, =0.2.1, =0.35.0, =0.44.5 and more Source cves: CVE-2025-54419 Source advisory: OSV:GHSA-4MXG-3P6V-XGQ3...
@3wks/gae-node-nestjs (>=0.1.0 <=6.0.0-rc.0), @aeroline_1025/hapi-corpsso (>=2.1.3 <=2.3.0) +73 more potentially affected by CVE-2022-39299 via passport-saml (>=0.12.0 <=3.2.0)
passport-saml NPM version =0.12.0, =0.1.0, =2.1.3, =1.0.0, =4.0.0, =0.0.0-nightly-2020972106, =3.4.2, =0.1.0, =1.0.0, =1.0.0, =2.4.0, =7.1.1, =6.2.2, =1.1.109, =1.3.78 and more Source cves: CVE-2022-39299 Source advisory: OSV:GHSA-M974-647V-WHV7...
PT-2022-24881 · Unknown +1 · Passport-Saml +1
Name of the Vulnerable Software and Affected Versions: Passport-SAML versions prior to 3.2.2 node-saml versions prior to 4.0.0-beta.5 Description: A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in...