2 matches found
Improper Verification of Cryptographic Signature
Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the JWT verification middleware fallback on unverified JWT header when alg field is not present. An attacker can gain unauthorized...
Use of a Broken or Risky Cryptographic Algorithm
Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the JWT verification middleware using unsafe default fallback algorithm. An attacker can gain unauthorized access or escalate...