Description
JPaseto before 0.3.0 generates weak hashes when using v2.local tokens.
Remediation
References
https://github.com/paseto-toolkit/jpaseto/releases/tag/jpaseto-0.3.0
Related Vulnerabilities
CVE-2022-31151 Vulnerability in maven package org.webjars.npm:undici
CVE-2018-1000548 Vulnerability in maven package com.umlet:umlet-swing
CVE-2021-41183 Vulnerability in maven package org.webjars.npm:jquery-ui
CVE-2018-10237 Vulnerability in maven package com.google.guava:guava
CVE-2021-46320 Vulnerability in npm package @openzeppelin/contracts