networknt/light-oauth2

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases128

Frequency2 weeks 6 days

Last Release over 2 years ago

Stars314

A fast, light and cloud native OAuth 2.0 authorization microservices based on light-4j

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-31580 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	5.9 MEDIUM	—
light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.