-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Security: auth0/node-jsonwebtoken
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Insecure input validation in jwt.verify functionGHSA-27h2-hvpr-p74q published
Dec 21, 2022 by julienwollModerate -
Insecure default algorithm in jwt.verify() could lead to signature validation bypassGHSA-qwph-4952-7xr6 published
Dec 21, 2022 by julienwollModerate -
Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMACGHSA-hjrf-2m68-5959 published
Dec 21, 2022 by julienwollModerate -
Unrestricted key type could lead to legacy keys usageGHSA-8cf7-32gw-wr33 published
Dec 21, 2022 by julienwollModerate