You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The currently referenced version of jose should be upgraded to at least 4.15.5 due to a vulnerability.
In our (private) repo dependabot alerts on that.
jose 3.0.0 - 4.15.4
Severity: moderate
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext - https://github.com/advisories/GHSA-hhhv-q57g-882q
Checklist
Description
The currently referenced version of
jose
should be upgraded to at least4.15.5
due to a vulnerability.In our (private) repo dependabot alerts on that.
Reproduction
GHSA-hhhv-q57g-882q
Additional context
No response
nextjs-auth0 version
3.5.0
Next.js version
Node.js version
20
The text was updated successfully, but these errors were encountered: