SherClockHolmes / webpush-go

Web Push API Encryption with VAPID support.
MIT License

Fix CVE-2020-26160 by updating github.com/dgrijalva/jwt-go #42

Closed swamvenk closed 2 years ago

swamvenk commented 3 years ago

There is a CVE filed on github.com/dgrijalva/jwt-go. More details about CVE-2020-26160 can be found at the link.

This can be resolved either by updating github.com/dgrijalva/jwt-go to >v3.2.0 or by using github.com/golang-jwt/jwt instead.

github.com/dgrijalva/jwt-go is no longer maintained, and github.com/golang-jwt/jwt is the community-maintained fork.
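An added example, not part of the issue or of webpush-go's code: a small Go check that reports which of the two module paths named above a `go.mod` requires, including indirect requirements that remain after an application's own imports have been migrated. The sample `go.mod` and the helper name `FindJWTModules` are constructed for illustration.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Module paths named in the issue.
const oldJWT = "github.com/dgrijalva/jwt-go"
const newJWT = "github.com/golang-jwt/jwt"

// Constructed sample (not webpush-go's go.mod): old module still pulled in indirectly.
const sampleGoMod = `module example.com/app
require github.com/golang-jwt/jwt/v4 v4.5.0
require (
	example.com/other v1.0.0
	github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect
)
`

// FindJWTModules (hypothetical helper) maps each required JWT module path to its version.
func FindJWTModules(gomod string) map[string]string {
	found := map[string]string{}
	record := func(path, ver string) {
		if path == oldJWT || path == newJWT || strings.HasPrefix(path, newJWT+"/v") {
			found[path] = ver
		}
	}
	inBlock := false
	sc := bufio.NewScanner(strings.NewReader(gomod))
	for sc.Scan() {
		line, _, _ := strings.Cut(sc.Text(), "//") // drop trailing comments
		f := strings.Fields(line)
		switch {
		case len(f) == 2 && f[0] == "require" && f[1] == "(":
			inBlock = true
		case len(f) == 1 && f[0] == ")":
			inBlock = false
		case len(f) == 3 && f[0] == "require": // single-line form
			record(f[1], f[2])
		case inBlock && len(f) == 2: // entry inside a require block
			record(f[0], f[1])
		}
	}
	return found
}

func main() { fmt.Println(FindJWTModules(sampleGoMod)) }
```

Any entry for `github.com/dgrijalva/jwt-go` in the result means the unmaintained module is still in the build, even when it is only an indirect requirement.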