Golang security: access restriction bypass vulnerability in JWT
5y agoen
Source
SnykGolang security: access restriction bypass vulnerability in JWTsnyk.ioBack in July, the Snyk security team was alerted about a potential security issue in the JWT package. This package provides a Go implementation of JSON web tokens and the issue that was discovered related to a function called VerifyAudience that was not working as expected. This vulnerability is just one example out of hundreds of proprietary Golang security vulnerabilities uncovered this year by Snyk’s security research team. This article sheds some light on the processes used and the trends Snyk is seeing in this quickly growing popular ecosystem.
Comments
Sign in to join the conversation.
No comments yet. Be the first.