Security Alert - Package: express-jwt; Severity: HIGH;

phenggeler / juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

http://owasp-juice.shop

MIT License

0 stars 0 forks source link

Security Alert - Package: express-jwt; Severity: HIGH; #26

Open phenggeler opened 3 years ago

phenggeler commented 3 years ago

    A new vulnerability has been reported by Dependabot. The criticality of this vulnerability is HIGH.

    HIGH vulnerabilities have an SLA of 30 days according to our policy.

    Affected package: express-jwt
    Ecosystem: NPM
    Affected version range: <= 5.3.3

    Fixed Version: 6.0.0
    Created Date = September 09, 2021

    ***Additional Context***
    https://github.com/phenggeler/juice-shop/security/dependabot?q=is%3Aopen+sort%3Anewest