nov/json-jwt

JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby

RubyMIT

Issues

Backport of CVE fix?
#121 opened 8 months ago by mjankowski
5
json-jwt allows bypass of identity checks via a sign/encryption
#120 opened 8 months ago by Shoaib19
7
Security Vulnerability: JSON::JWT.decode Method
#118 opened 9 months ago by davidwayfinder
4
Patch for CVE-2023-51774 / GHSA-c8v6-786g-vjx6?
#119 opened 8 months ago by postmodern
1
Security: susceptible to sign/encrypt confusion attacks
#113 opened 9 months ago by rc-mattschwager
5
`JSON::JWK::Set#[]` was overwritten in v1.15.1
#117 opened 9 months ago by kkitadate
1
Why is the CHANGELOG so small?
#116 opened 9 months ago by afilbert
1
Declare dependency on base64
#114 opened 10 months ago by Earlopain
1
"cannot load such file -- json-jwt (LoadError)"
#82 opened 5 years ago by merefield
2
JWE class doesn't copy the input headers
#112 opened a year ago by ehsanidme
8
Support for RSA-OAEP-256
#98 opened 2 years ago by murtazahaider5
2
How to report security vulnerabilities
#108 opened 2 years ago by btoews
2
Conflicting binary
#106 opened 2 years ago by depesz
2
uninitialized constant JSON::JWT
#99 opened 2 years ago by GMolini
2
Add OpenSSL 3 support
#100 opened 2 years ago by lucaskanashiro
2
Serialization of valid JW* not always valid
#97 opened 3 years ago by jphastings
4
Ed25519 support
#87 opened 3 years ago by nov
0
ECDH-ES support in JWE
#78 opened 3 years ago by byt3pool
1
Changelog
#68 opened 3 years ago by clickmonkee
0
[SECURITY] Algorithm Confusion Through kid Header
#95 opened 3 years ago by paragonie-security
1
test failures with ruby3.0
#96 opened 3 years ago by boutil
5
Update Bindata Dependency Due To Security Issue
#94 opened 3 years ago by Gerst20051
1
Decode jwt without verifying
#93 opened 4 years ago by SerKnight
1
Support JWS Payloads that are not JSON
#91 opened 4 years ago by radamson
2
Support for Unencoded Payload Option (RFC 7797)?
#88 opened 4 years ago by wout
1
Push tag v1.10.0
#72 opened 4 years ago by MITSUBOSHI
3
Support for Unencoded Payload Option (RFC 7797)
#77 opened 6 years ago by idigber
4
Token to string doesn't match the original compact token
#71 opened 6 years ago by MatteoJoliveau
1
twistlock security scan shows that privatekeys are stored in the container
#73 opened 6 years ago by v1nayv
0
Relation with ruby-jwt gem
#67 opened 6 years ago by printercu
1
EC key throwing OpenSSL::PKey::EC::Point::Error
#51 opened 7 years ago by travisofthenorth
13
Support blank payloads in JWS
#69 opened 6 years ago by seandilda
4
activesupport required version is not defined
#65 opened 6 years ago by dlozano
1
Nimbus JOSE+JWT IV additional character being ignored
#64 opened 6 years ago by bharatshivram
4
Algorithm autodetection does not consider JWK
#61 opened 7 years ago by bdewater
2
Encrypt then Sign
#58 opened 7 years ago by tfluehmann
1
Support RSA PSS
#54 opened 7 years ago by nov
0
certain malformed JWTs throw nil errors
#53 opened 7 years ago by cainlevy
1
Thread safety?
#50 opened 7 years ago by FranklinYu
2
Can payload for signing with JWT be a string instead of a json
#49 opened 7 years ago by Phuong5664
2
Getting "public" properties from keys
#48 opened 7 years ago by toupeira
3
JWK from Hash or JSON file?
#47 opened 7 years ago by FranklinYu
0
OpenSSL::PKey interface has changed in Ruby 2.4
#45 opened 7 years ago by cmoylan
10
jti claim in JWT header
#43 opened 8 years ago by johntopleyons
2
Minimum ruby version?
#38 opened 8 years ago by futureperfect
7
Activesupport requires ruby >= 2.2.2
#35 opened 8 years ago by funzoneq
3
verify signature JWT
#42 opened 8 years ago by ErnstA
4
Any objection to me adding a :skip_verification example to your wiki docs?
#41 opened 8 years ago by theirishpenguin
2
1.6.2 broke backwards compatibility, no longer sets algorithm when signing JWT
#39 opened 8 years ago by nhinds
6
Header params overwritten when signing
#37 opened 8 years ago by economou
0