Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-29	CVE-2015-9235	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Auth0 Jsonwebtoken In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family). network low complexity auth0 CWE-327 critical	9.8