Skip to main content

Passport Oauth2

1 CVEs product

Monthly

CVE-2021-41580 npm MEDIUM PATCH This Month

The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Information Disclosure Passport Oauth2
NVD GitHub
CVSS 3.1
5.3
EPSS
1.3%
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Information Disclosure Passport Oauth2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy