PKSA-rq51-8s6h-13tp Security Advisory
-
[HIGH] PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks
PKSA-rq51-8s6h-13tp GHSA-jc38-x7x8-2xc8
Affected package: web-token/jwt-experimental
Affected version: >=4.1.0,<4.1.7|>=4.0.0,<4.0.7|<3.4.10
Reported by:
GitHub