VYPR

Maven package

com.manydesigns/portofino-dispatcher

pkg:maven/com.manydesigns/portofino-dispatcher

Vulnerabilities (1)

  • CVE-2021-29451Apr 16, 2021
    affected >= 5.0.0, < 5.2.1fixed 5.2.1

    Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.