GO-2024-2454 Panic due to nil pointer dereference in github.com/lestrrat-go/jwx/v2

Panic due to nil pointer dereference in github.com/lestrrat-go/jwx/v2...

GHSA-PVCR-V8J8-J5Q3 Parsing JSON serialized payload without protected field can lead to segfault

Summary Calling jws.Parse with a JSON serialized payload where the signature field is present while protected is absent can lead to a nil pointer dereference. Details This seems to also affect other functions that calls Parse internally, like jws.Verify. My understanding of these functions from t...