Skip to content

jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()

Moderate severity GitHub Reviewed Published Dec 21, 2022 in auth0/node-jsonwebtoken • Updated Jun 21, 2024

No closed alerts for this advisory

Give feedback on Dependabot alerts