Improper Encoding or Escaping of Output
Overview get-jwks is a Fetch utils for JWKS keys Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the getPublicKey process. An attacker can bypass issuer validation and gain unauthorized access by poisoning the JWKS cache with a crafted public key an...