search

phenggeler / juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
http://owasp-juice.shop
MIT License
0 stars 0 forks source link

Security Alert - Package: jsonwebtoken; Severity: CRITICAL; #2

Open phenggeler opened 3 years ago

phenggeler commented 3 years ago 
    A new vulnerability has been reported by Dependabot. The criticality of this vulnerability is CRITICAL.

    CRITICAL vulnerabilities have an SLA of 30 days according to our policy.

    Affected package: jsonwebtoken
    Ecosystem: NPM
    Affected version range: < 4.2.2

    Fixed Version: 4.2.2
    Created Date = September 09, 2021

    Severity: CRITICAL

    ***Additional Context***
    https://github.com/phenggeler/juice-shop/security/dependabot?q=is%3Aopen+sort%3Anewest