Description
GHSA-jc38-x7x8-2xc8
has:
Affected versions <= 4.2.99
Patched versions None
but from what I can see it is fixed on branches, eg:
#655
As a side effect
roave/security-advisories
has picked up the details from the GHSA
Roave/SecurityAdvisories@d59bd7f
and is blocking all installs of web-token/jwt-framework
- web-token/jwt-framework is locked to version 4.1.7 and an update of this package was not requested.
- roave/security-advisories dev-latest conflicts with web-token/jwt-framework <=4.2.99.
Description
GHSA-jc38-x7x8-2xc8
has:
Affected versions <= 4.2.99
Patched versions None
but from what I can see it is fixed on branches, eg:
#655
As a side effect
roave/security-advisories
has picked up the details from the GHSA
Roave/SecurityAdvisories@d59bd7f
and is blocking all installs of web-token/jwt-framework