GMS-2016-11: Authentication Bypass in Try Mode

January 28, 2016

When attempting to allow authentication mode try in hapi, Hapi introduced an issue whereby people can bypass authentication.

References

github.com/dwyl/hapi-auth-jwt2/issues/111
github.com/dwyl/hapi-auth-jwt2/pull/112

Detect and mitigate GMS-2016-11 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →