PT-2025-4383 · Jwk Set +1 · Jwk Set +1
Name of the Vulnerable Software and Affected Versions: JWK Set versions prior to 0.6.0 Description: The project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. However, the current behavior is to overwrite or append, which...