Skip to main content

Express Openid Connect

2 CVEs product

Monthly

CVE-2022-24794 npm MEDIUM PATCH This Month

Express OpenID Connect is an Express JS middleware implementing sign on for Express web apps using OpenID Connect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Google Open Redirect Express Openid Connect
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-41246 npm HIGH PATCH This Week

Express OpenID Connect is express JS middleware implementing sign on for Express web apps using OpenID Connect. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Session Fixation Express Openid Connect
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Express OpenID Connect is an Express JS middleware implementing sign on for Express web apps using OpenID Connect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Google Open Redirect Express Openid Connect
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Express OpenID Connect is express JS middleware implementing sign on for Express web apps using OpenID Connect. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Session Fixation Express Openid Connect
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy