Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mercredi 1 juillet 2020

express-jwt up to 5.3.3 on npm privilege escalation [CVE-2020-15084]

A vulnerability, which was classified as critical, has been found in express-jwt up to 5.3.3 on npm. This issue affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Lien vers l'article source

Auteur: VulDB

Catégories: VulDBNombre de vues: 72


Événements SSI