You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In my project I have this reported since over 5 months ago with the latest change in this package, but still no newer version has come out to fix this vulnerability
Solution
Upgrade the dependency on cookie-signature to a newer version, ideally 1.2.1 where it changes the old sha1 standard to a much more secure and updated sha256
Notes
This is my first time posting an issue here so if I'm missing something please let me know :)