web-auth/webauthn-lib Security Advisories for 5.0.x-dev (1)
-
[LOW] Webauthn: SimpleFakeCredentialGenerator with an empty secret produces predictable fake credentials, weakening username enumeration protection
PKSA-zk1n-qbm6-d3rq GHSA-gq4g-fpc9-vjfq
Affected version: >=4.9.0,<5.3.5
Reported by:
GitHub