Vulnerabilities > Auth0 > Express JWT

DATE CVE VULNERABILITY TITLE RISK
2020-06-30 CVE-2020-15084 Incorrect Authorization vulnerability in Auth0 Express-Jwt
In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced.
network
low complexity
auth0 CWE-863
critical
9.1