Andres Alejandre

icon company IBM icon location Guadalajara icon location Full-Stack (React, NodeJS + Python) Developer@IBM Guadalajara

Results 1 issues of Andres Alejandre

express-session vulnerability since it is still using a very old cookie-signature version

1 comment

## Vulnerability express-session, even in the latest v1.18.0, is still using cookie-signature v1.0.7 which is over a year old and it has a 'sha1' vulnerability: https://owasp.org/Top10/A02_2021-Cryptographic_Failures/ ## Problem In my...