Skip to content
This repository has been archived by the owner on Jul 26, 2022. It is now read-only.

Server-side request forgery #972

Closed
Nawazsherif opened this issue Jan 28, 2021 · 3 comments
Closed

Server-side request forgery #972

Nawazsherif opened this issue Jan 28, 2021 · 3 comments

Comments

@Nawazsherif
Copy link

Nawazsherif commented Jan 28, 2021
edited
Loading

I'm submitting this issue for the package(s):

  • jwt-verifier

I'm submitting a Bug Fix:

Please fix server-side request forgery from your side
@oleksandrpravosudko-okta
Copy link
Contributor

oleksandrpravosudko-okta commented Jan 28, 2021
edited
Loading

Thanks for reporting this @Nawazsherif.

In case you are referring to reported transitive dependency vulnerability, its fix and release are underway. Please let us know if there is a different source of vulnerability you are aware of.

@Nawazsherif
Copy link
Author

This is what I am exactly looking for. Thanks for the quick response.
Expecting the patch soon.

@oleksandrpravosudko-okta
Copy link
Contributor

Released in v2.0.1

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Nawazsherif @oleksandrpravosudko-okta