CVE-2021-29443
Information Exposure Through Discrepancy in npm/jose
Identifiers
CVE-2021-29443, GHSA-58f5-hfqc-jgch
Package Slug
npm/jose
Vulnerability
Information Exposure Through Discrepancy
Description
jose is an npm library providing a number of cryptographic operations.
Affected Versions
All versions starting from 1.0.0 before 1.28.1, all versions starting from 2.0.0 before 2.0.5, all versions starting from 3.0.0 before 3.11.4
Solution
Upgrade to versions 1.28.1, 2.0.5, 3.11.4 or above.
Last Modified
2021-05-03
| source |