2 matches found
Use of Less Trusted Source
Overview Affected versions of this package are vulnerable to Use of Less Trusted Source that can circumvent the trusted dependencies list. An attacker can cause unintended dependencies to be loaded by including malicious file:, link:, git:, or github: URLs to import packages whose names also exis...
PT-2025-47405
Name of the Vulnerable Software and Affected Versions joserfc versions 1.3.3 through 1.3.4 joserfc versions 1.4.0 through 1.4.1 Description The joserfc library has an issue where excessively large JWT JSON Web Token payloads can be logged, potentially leading to resource exhaustion. Specifically,...