jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC
Moderate severity
GitHub Reviewed
Published
Dec 21, 2022
in
auth0/node-jsonwebtoken
•
Updated Jun 24, 2024
Give feedback on Dependabot alerts