Description
JPaseto before 0.3.0 generates weak hashes when using v2.local tokens.
Remediation
References
https://github.com/paseto-toolkit/jpaseto/releases/tag/jpaseto-0.3.0
Related Vulnerabilities
CVE-2021-38294 Vulnerability in maven package org.apache.storm:storm-server
CVE-2017-16028 Vulnerability in npm package react-native-meteor-oauth
CVE-2017-18077 Vulnerability in npm package brace-expansion
CVE-2023-24807 Vulnerability in npm package undici
CVE-2022-23945 Vulnerability in maven package org.apache.shenyu:shenyu-common