Skip to content

njwt Prototype Pollution vulnerability

Moderate severity GitHub Reviewed Published May 16, 2024 to the GitHub Advisory Database • Updated Aug 2, 2024

Package

npm njwt (npm)

Affected versions

< 2.0.1

Patched versions

2.0.1

Description

njwt up to v0.4.0 was discovered to contain a prototype pollution in the Parser.prototype.parse method.

References

Published by the National Vulnerability Database May 16, 2024
Published to the GitHub Advisory Database May 16, 2024
Reviewed Aug 2, 2024
Last updated Aug 2, 2024

Severity

Moderate

Weaknesses

CVE ID

CVE-2024-34273

GHSA ID

GHSA-3hvj-2783-34x2

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.