{"source":1111244,"name":"jws","dependency":"jws","title":"auth0/node-jws Improperly Verifies HMAC Signature","url":"https://github.com/advisories/GHSA-869p-cjfg-cm3x","severity":"high","versions":["0.0.1","0.0.2","0.2.0","0.2.1","0.2.2","0.2.3","0.2.4","0.2.5","0.2.6","1.0.0","1.0.1","2.0.0","3.0.0","3.1.0","3.1.1","3.1.2","3.1.3","3.1.4","3.1.5","3.2.0","3.2.1","3.2.2","3.2.3","4.0.0","4.0.1"],"vulnerableVersions":["0.0.1","0.0.2","0.2.0","0.2.1","0.2.2","0.2.3","0.2.4","0.2.5","0.2.6","1.0.0","1.0.1","2.0.0","3.0.0","3.1.0","3.1.1","3.1.2","3.1.3","3.1.4","3.1.5","3.2.0","3.2.1","3.2.2"],"cwe":["CWE-347"],"cvss":{"score":7.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},"range":"<3.2.3","id":"hq+zlUvWTvTM5NMEfYlNOAiKS4G7vYa/Lshiz4/MzYjM8ni1XweXO2qZFURwKR9snMpDSxvwL7PHoAz306//5w=="}