@feathersjs/authentication-oauth Security Advisories - Npm | Ecosyste.ms: Advisories

@feathersjs/authentication-oauth

oAuth 1 and 2 authentication for Feathers. Powered by Grant.

View on github.com · View on npmjs.org

Security Advisories for @feathersjs/authentication-oauth in npm

Critical

3 months ago

Feathers has an OAuth Callback Account Takeover issue GSA_kwCzR0hTQS13Zzl4LXFmZ3ctcHhoas4ABTam

npm @feathersjs/authentication-oauth

High

3 months ago

Feathers exposes internal headers via unencrypted session cookie GSA_kwCzR0hTQS05bTljLXZwdjUtOWc4Nc4ABSmt

npm @feathersjs/authentication-oauth

High

3 months ago

Feathers has an origin validation bypass via prefix matching GSA_kwCzR0hTQS1tcDR4LWMzNHgtd3YzeM4ABSms

npm @feathersjs/authentication-oauth

High

3 months ago

Feathers has an open redirect in OAuth callback enables account takeover GSA_kwCzR0hTQS1wcGY5LTRmZnctaGg0cM4ABSmr

npm @feathersjs/authentication-oauth

Potential

High

almost 3 years ago

Feathers socket handler allows abusing implicit toString GSA_kwCzR0hTQS1oaHI5LXJoMjUtaHZmOc4AA00L

npm @feathersjs/transport-commons, @feathersjs/socketio

Filter by Severity

High 4 Critical 1