CVE-2021-29443

Information Exposure Through Discrepancy in npm/jose

Identifier

CVE-2021-29443

Package Slug

npm/jose

Vulnerability

Information Exposure Through Discrepancy

Description

jose is an npm library providing a number of cryptographic operations.

Affected Versions

All versions starting from 1.0.0 before 1.28.1, all versions starting from 2.0.0 before 2.0.5, all versions starting from 3.0.0 before 3.11.4

Solution

Upgrade to versions 1.28.1, 2.0.5, 3.11.4 or above.

Last Modified

2021-05-03

source