Vulnerabilities (CVE)

Filtered by vendor Networknt Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31580 1 Networknt 1 Light-oauth2 2024-11-21 N/A 5.9 MEDIUM
light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.