json-jwt vulnerabilities

JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby

Latest version: 1.10.0

View on RubyGems.org

Licenses detected

  • license: Unknown < 0.6.1, >= 0.0.0
  • license: MIT >= 0.6.1
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the json-jwt package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • M
Signature Validation Bypass
<1.9.4 Not available 28 Jun, 2018
  • M
Timing Attack
<0.6.1 Not available 05 Jul, 2017
  • M
Denial of Service (DoS)
<0.4.2 Not available 05 Jul, 2017