Vulnerabilities > JWT Simple Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-05-31 | CVE-2016-10555 | Cryptographic Issues vulnerability in Jwt-Simple Project Jwt-Simple 0.1.0/0.2.0/0.3.0 Since "algorithm" isn't enforced in jwt.decode()in jwt-simple 0.3.0 and earlier, a malicious user could choose what algorithm is sent sent to the server. | 6.5 |