This repository has been archived by the owner on Feb 25, 2019. It is now read-only.
Insecure dependencies - HMAC flaw #372
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
passport-saml 0.15.0 has a number of remotely-exploitable security defects, including possible HMAC key recovery
https://rdist.root.org/2010/07/19/exploiting-remote-timing-attacks/
https://snyk.io/test/github/anvilresearch/connect.git?severity=high&severity=medium&severity=low
The text was updated successfully, but these errors were encountered: