PT-2022-16059
Name of the Vulnerable Software and Affected Versions jsonwebtoken versions =8.5.1 Description The jsonwebtoken library could be misconfigured to use legacy, insecure key types for signature verification. For example, DSA keys could be used with the RS256 algorithm. Users are affected if they use...