Description
tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org. In versions prior to 7.0.
Recommendation
Update the tenvoy package to the latest compatible version. Followings are version details:
- Affected version(s): < 7.0.3
- Patched version(s): 7.0.3
References
Related Issues
- Auth0 NextJS SDK v4 Missing Session Invalidation - CVE-2025-46344
- Potential DoS when using ContextLines integration - Vulnerability
- sanitize-html Information Exposure vulnerability - CVE-2024-21501
- json-schema-ref-parser Prototype Pollution issue - CVE-2024-29651
- Tags:
- npm
- tenvoy
Anything's wrong? Let us know Last updated on February 01, 2023