Vulnerabilities > JWT Simple Project

DATE CVE VULNERABILITY TITLE RISK
2018-05-31 CVE-2016-10555 Cryptographic Issues vulnerability in Jwt-Simple Project Jwt-Simple 0.1.0/0.2.0/0.3.0
Since "algorithm" isn't enforced in jwt.decode()in jwt-simple 0.3.0 and earlier, a malicious user could choose what algorithm is sent sent to the server.
network
low complexity
jwt-simple-project CWE-310
6.5