robbert229/jwt

Releases2

Frequency4 months 1 week

Last Release over 8 years ago

Stars104

This is an implementation of JWT in golang!

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2015-10004 ↗	Dec 27, 2022Tuesday, 27 December 2022, 22:15	7.5 HIGH	—
Token validation methods are susceptible to a timing side-channel during HMAC comparison. With a large enough number of requests over a low latency connection, an attacker may use this to determine the expected HMAC.