[Snyk] Upgrade jwks-rsa from 1.12.2 to 1.12.3

[ambravo]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade jwks-rsa from 1.12.2 to 1.12.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.
• The recommended version was released a year ago, on 2021-02-26.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: jwks-rsa

• 1.12.3 - 2021-02-26
  

  [1.12.3] - (2021-02-25)

  Added

  • Add alg to SigningKey types #220 (okko)

  Fixed

  • Fix npmjs resolves #221 (adamjmcgrath)
  • Fix Import default Axios instance #216 (dsebastien)
• 1.12.2 - 2021-01-07
  

  Release 1.12.2

from jwks-rsa GitHub release notes

Commit messages

Package name: jwks-rsa

• f99d261 1.12.3 Release
• bd4be6a Add alg to SigningKey types (#220)
• 4679199 Import default Axios instance. fix #215. (#216)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs