Quantum Outpost

Public scan · 2026-05-01

auth0/node-jsonwebtoken

JsonWebToken implementation for node.js http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html

github → JavaScript ★ 18,162 commit 02688b9 scanner v0.1.0

Files scanned

74

Shor-vulnerable

13

RSA / ECC / Ed* / X25519

Grover-weakened

0

AES-128 / SHA-1 / MD5

Total occurrences

13

Breakdown by primitive

  • RSA 6
  • ECC certificate 4
  • RSA certificate 3

Findings

download CycloneDX 1.6 CBOM →
test/async_sign.tests.js open ↗
  • L64 Shor RSA node-rsa-keypair 
    const { privateKey } = generateKeyPairSync('rsa', { modulusLength: 1024 });
  • L73 Shor RSA node-rsa-keypair 
    const { privateKey } = generateKeyPairSync('rsa', { modulusLength: 1024 });
test/ecdsa-private.pem open ↗
  • L9 Shor ECC certificate pem-ec-key 
    -----BEGIN EC PRIVATE KEY-----
test/jwt.hs.tests.js open ↗
  • L12 Shor RSA node-rsa-keypair 
    const { privateKey } = generateKeyPairSync('rsa', { modulusLength: 2048 });
test/jwt.malicious.tests.js open ↗
  • L19 Shor RSA node-rsa-keypair 
    } = crypto.generateKeyPairSync('rsa', {modulusLength: 2048});
test/prime256v1-private.pem open ↗
  • L1 Shor ECC certificate pem-ec-key 
    -----BEGIN EC PRIVATE KEY-----
test/priv.pem open ↗
  • L1 Shor RSA certificate pem-rsa-key 
    -----BEGIN RSA PRIVATE KEY-----
test/rsa-private.pem open ↗
  • L1 Shor RSA certificate pem-rsa-key 
    -----BEGIN RSA PRIVATE KEY-----
test/rsa-public-key.pem open ↗
  • L1 Shor RSA certificate pem-rsa-key 
    -----BEGIN RSA PUBLIC KEY-----
test/rsa-public-key.tests.js open ↗
  • L19 Shor RSA node-rsa-keypair 
    const { privateKey } = generateKeyPairSync('rsa', { modulusLength: 1024 });
  • L29 Shor RSA node-rsa-keypair 
    const { privateKey } = generateKeyPairSync('rsa', { modulusLength: 1024 });
test/secp384r1-private.pem open ↗
  • L1 Shor ECC certificate pem-ec-key 
    -----BEGIN EC PRIVATE KEY-----
test/secp521r1-private.pem open ↗
  • L1 Shor ECC certificate pem-ec-key 
    -----BEGIN EC PRIVATE KEY-----