GHSA-H395-GR6Q-CPJC jsonwebtoken has Type Confusion that leads to potential authorization bypass
Summary: It has been discovered that there is a Type Confusion vulnerability in jsonwebtoken, specifically, in its claim validation logic. When a standard claim such as nbf or exp is provided with an incorrect JSON type Like a String instead of a Number, the library’s internal parsing mechanism...