⁠⁠⁠⁠Do you want to receive a desktop notification when new content is published? YES NO Facebook Twitter Twitter Conversion Twitter Conversion Blog Critical vulnerabilities in JSON Web Token libraries Which libraries are vulnerable to attacks and how to prevent them. Tim McLean March 31, 2015 Use Auth0 for Free Share this post tl;dr If you are using node-jsonwebtoken , pyjwt , namshi/jose , php-jwt or jsjwt with asymmetric keys (RS256, RS384, RS512, ES256, ES384, ES512) please update to the latest version. See jwt.io for more information on the vulnerable libraries. (Updated 2015-04-20) This is a guest post from Tim McLean, who is a member of the Auth0 Security Researcher Hall of Fame . Tim normally blogs at www.timmclean.net . Recently, while reviewing the security of var...