Hackerone Jwt-simple Node Module
1 CVEs affecting Hackerone Jwt-simple Node Module. Latest disclosed: 2018-05-31. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-10555 | | 2018-05-31 | Since "algorithm" isn't enforced in jwt.decode()in jwt-simple 0.3.0 and earlier, a malicious user could choose what algorithm is sent sent to the server. If th⦠|