Hold on, we're currently generating a fresh version of this report

Generated on Feb 29, 2024 via pnpm

passport-ldapauth 0.2.0

LDAP authentication strategy for Passport

Package summary

23

issues

5

licenses

Package created

13 Apr 2013

Version published

12 Feb 2014

Maintainers

1

Total deps

24

Direct deps

2

License

MIT

Issues

23

13 critical severity issues

json-schema@0.2.2

json-schema is vulnerable to Prototype Pollution

Recommendation: Upgrade to version 0.4.0 or later

via: ldapauth-fork@2.2.19

asn1@0.2.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

assert-plus@0.1.5

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

bindings@1.0.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

bunyan@0.22.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

dtrace-provider@0.2.8

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

extsprintf@1.0.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

jsprim@0.3.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

ldapjs@0.7.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

pause@0.0.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: passport@0.2.2

pooling@0.4.6

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

verror@1.1.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

verror@1.3.3

Package has no specified license

Recommendation: Check the package code and files for license information

via: ldapauth-fork@2.2.19

5 high severity issues

ldapauth-fork@2.2.19

LDAP Injection in ldapauth

Recommendation: Upgrade to version 2.3.3 or later

via: ldapauth-fork@2.2.19

mv@0.0.5

Package uses an invalid SPDX license ("BSD")

Recommendation: Validate that the package complies with your license policy

via: ldapauth-fork@2.2.19

once@1.3.0

Package uses an invalid SPDX license ("BSD")

Recommendation: Validate that the package complies with your license policy

via: ldapauth-fork@2.2.19

json-schema@0.2.2

Package uses an invalid SPDX license ("(AFLv2.1 OR BSD)")

Recommendation: Validate that the package complies with your license policy

via: ldapauth-fork@2.2.19

bcrypt@0.7.8

Deprecated package

via: ldapauth-fork@2.2.19

3 moderate severity issues

bcrypt@0.7.8

Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt

Recommendation: Upgrade to version 5.0.0 or later

via: ldapauth-fork@2.2.19

passport@0.2.2

Passport vulnerable to session regeneration when a users logs in or out

Recommendation: Upgrade to version 0.6.0 or later

via: passport@0.2.2

pause@0.0.1

Package has no specified source code repository

via: passport@0.2.2

2 low severity issues

mv@0.0.5

Package uses a license that is not OSI approved ("BSD")

Recommendation: Read and validate the license terms

via: ldapauth-fork@2.2.19

once@1.3.0

Package uses a license that is not OSI approved ("BSD")

Recommendation: Read and validate the license terms

via: ldapauth-fork@2.2.19

Licenses

N/A

N/A

12 Packages, Including:

asn1@0.2.1

assert-plus@0.1.5

bindings@1.0.0

bunyan@0.22.1

dtrace-provider@0.2.8

extsprintf@1.0.0

jsprim@0.3.0

ldapjs@0.7.1

pause@0.0.1

pooling@0.4.6

verror@1.1.0

verror@1.3.3

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

8 Packages, Including:

bcrypt@0.7.8

ldapauth-fork@2.2.19

lru-cache@2.5.0

nopt@2.1.1

passport-ldapauth@0.2.0

passport-strategy@1.0.0

passport@0.2.2

vasync@1.4.0

BSD

Invalid

Not OSI Approved

2 Packages, Including:

mv@0.0.5

once@1.3.0

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

abbrev@1.1.1

(AFLv2.1 OR BSD)

Invalid

1 Packages, Including:

json-schema@0.2.2

Direct Dependencies

2

All Dependencies CSV

ⓘ This is a list of passport-ldapauth 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
ldapauth-fork	2.2.19	21.77 kB	MIT	prod	12 5 1 2
passport	0.2.2	11.94 kB	MIT	prod	1 2

Recent Versions