2 matches found
jose 数据伪造问题漏洞
Jose is a JavaScript module developed by Filip Skokan for JSON object signing and encryption. Versions of JOSE prior to 0.3.5+1 contained a data manipulation vulnerability. This vulnerability arises from the possibility that key selection may treat the jwk embedded in the JOSE header as a...
zip-local 路径遍历漏洞
Zip-Local is a very simple compression /Uzipping local files and directories in nodes .Js by Mostafa Samir Personal Developer. A security vulnerability exists in versions of zip-local prior to 0.3.5, which allows for arbitrary file write attacks...