Vulnerabilities > JWT Project > JWT
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-28 | CVE-2021-41106 | Insufficient Verification of Data Authenticity vulnerability in JWT Project JWT JWT is a library to work with JSON Web Token and JSON Web Signature. | 2.1 |
| 2017-01-23 | CVE-2016-7037 | 7PK - Time and State vulnerability in JWT Project JWT The verify function in Encryption/Symmetric.php in Malcolm Fell jwt before 1.0.3 does not use a timing-safe function for hash comparison, which allows attackers to spoof signatures via a timing attack. | 5.0 |