node-jose vulnerabilities

A JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers

latest version

2.2.0
latest non vulnerable version

2.2.0
first published

9 years ago
latest version published

a year ago
licenses detected
- Apache-2.0
  >=0
View node-jose package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the node-jose package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Infinite loop	<2.2.0
H Insecure Token Validation	<0.11.0
H Elliptic Curve Key Disclosure	<0.9.3
H Elliptic Curve Key Disclosure	<0.9.3

Package versions

1 - 30 of 30 Results

version	published	direct vulnerabilities
2.2.0	16 Feb, 2023	0 C 0 H 0 M 0 L
2.1.1	30 Mar, 2022	0 C 1 H 0 M 0 L
2.1.0	4 Feb, 2022	0 C 1 H 0 M 0 L
2.0.0	20 Sep, 2020	0 C 1 H 0 M 0 L
1.1.4	26 Mar, 2020	0 C 1 H 0 M 0 L
1.1.3	18 Mar, 2019	0 C 1 H 0 M 0 L
1.1.2	28 Feb, 2019	0 C 1 H 0 M 0 L
1.1.1	1 Feb, 2019	0 C 1 H 0 M 0 L
1.1.0	5 Nov, 2018	0 C 1 H 0 M 0 L
1.0.0	30 May, 2018	0 C 1 H 0 M 0 L
0.11.1	15 May, 2018	0 C 1 H 0 M 0 L
0.11.0	4 Dec, 2017	0 C 1 H 0 M 0 L
0.10.0	29 Sep, 2017	0 C 2 H 0 M 0 L
0.9.5	7 Aug, 2017	0 C 2 H 0 M 0 L
0.9.4	13 Apr, 2017	0 C 2 H 0 M 0 L
0.9.3	20 Feb, 2017	0 C 2 H 0 M 0 L
0.9.2	29 Dec, 2016	0 C 4 H 0 M 0 L
0.9.1	23 Aug, 2016	0 C 4 H 0 M 0 L
0.9.0	17 Jul, 2016	0 C 4 H 0 M 0 L
0.8.1	13 Jul, 2016	0 C 4 H 0 M 0 L
0.8.0	18 Apr, 2016	0 C 4 H 0 M 0 L
0.7.1	9 Feb, 2016	0 C 4 H 0 M 0 L
0.7.0	14 Jan, 2016	0 C 4 H 0 M 0 L
0.6.0	12 Dec, 2015	0 C 4 H 0 M 0 L
0.5.2	30 Nov, 2015	0 C 4 H 0 M 0 L
0.5.1	19 Nov, 2015	0 C 4 H 0 M 0 L
0.5.0	1 Nov, 2015	0 C 4 H 0 M 0 L
0.4.0	12 Oct, 2015	0 C 4 H 0 M 0 L
0.3.1	6 Oct, 2015	0 C 4 H 0 M 0 L
0.3.0	21 Sep, 2015	0 C 4 H 0 M 0 L