vulnerability in passport-jwt's dependancy jsonwebtoken #244
Comments
|
Same here, using it with nest.js for JWT strategies, getting a high vulnerability. |
|
We have the same problem! |
|
Went ahead and created #245 |
|
@mikenicholson Please merge #245 and release ASAP Snyk is stopping our app from going to production with this version Thank you! |
|
I'm too facing this issues with snyk. @mikenicholson please let me know when will this be merged and released. |
mikenicholson
added a commit
that referenced
this issue
Dec 24, 2022
Previous version was affected by high severity vulnerability CVE-2022-23529. Resolves #244
|
4.0.1 bumps the jsonwebtoken dependnecy and has been release to NPM |
|
Thanks so much !! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Updating to jsonwebtoken's latest version 9.0.0 resolves the vulnerability
Vulnerability details : GHSA-27h2-hvpr-p74q
The text was updated successfully, but these errors were encountered: