GHSA-8CF7-32GW-WR33 jsonwebtoken unrestricted key type could lead to legacy keys usage
Overview Versions =8.5.1 of jsonwebtoken library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. Am I affected? You are affected if you are using an algorithm and a key type other than the...