Lucene search
Jsonwebtoken Node Module Security Vulnerabilities
cve
In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS*...
9.8CVSS
9.3AI Score
0.006EPSS
2018-05-29 08:29 PM
31