OsVault/npm/passport

npm

passport

19 known vulnerabilities · 0 critical · 4 high

CVE-2022-25896MEDIUM

Passport vulnerable to session regeneration when a users logs in or out

Published Jul 2, 2022

CVE-2023-29019HIGH

Session fixation in fastify-passport

Published Apr 21, 2023

CVE-2023-29020MEDIUM

CSRF token fixation in fastify-passport

Published Apr 21, 2023

MAL-2024-8868

Malicious code in passports-js (npm)

Published Sep 11, 2024

CVE-2016-7191HIGH

Authentication Bypass in passport-azure-ad

Published Jul 26, 2018

CVE-2019-19723

Improper Authorization in passport-cognito

Published Sep 4, 2020

CVE-2019-13483HIGH

Auth0 Passport-SharePoint does not validate JWT signature

Published May 24, 2022

CVE-2022-23505MEDIUM

Authentication Bypass for passport-wsfed-saml2

Published Dec 13, 2022

CVE-2021-41580MEDIUM

Improper Access Control in passport-oauth2

Published Sep 29, 2021

CVE-2017-16897HIGH

passport-wsfed-saml2 vulnerable to Signature Bypass in SAML2 token

Published Jun 21, 2023

MAL-2022-2924

Malicious code in express-4.x-passport-snapchat-example (npm)

Published Jun 20, 2022

MAL-2025-4601

Malicious code in passport-jwt-logger (npm)

Published May 30, 2025

MAL-2025-3850

Malicious code in passport-thecity (npm)

Published May 15, 2025

MAL-2024-11756

Malicious code in passport-openpass-example (npm)

Published Dec 9, 2024

MAL-2023-989

Malicious code in yandex-passport-vault-client (npm)

Published Jan 30, 2023

MAL-2026-230

Malicious code in passport-google-auth-token (npm)

Published Jan 12, 2026

MAL-2025-191035

Malicious code in @ntnx/passport-wso2 (npm)

Published Nov 24, 2025

MAL-2025-3556

Malicious code in passports-twitter (npm)

Published Apr 30, 2025

MAL-2025-4053

Malicious code in passport-approved-token (npm)

Published May 20, 2025

Check your entire dependency tree at onceRun dependency scan →