Improper Verification of Cryptographic Signature
Overview jws is an Implementation of JSON Web Signatures Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the createVerify function when using HS256 HMAC algorithms and incorporating user-provided data from the JSON Web Signature Protected...