Jose · CVE-2026-34240
**Name of the Vulnerable Software and Affected Versions**
jose versions prior to 0.3.5+1
**Description**
A flaw in jose could allow a remote attacker to forge valid JWS/JWT tokens by supplying a public key in the JOSE header's `jwk` parameter. Key selection may treat a header-provided `jwk` as a verification candidate even when that key is not in the application's trusted key store, so a signature produced with the matching private key verifies successfully. An attacker can exploit this by crafting a token payload, embedding an attacker-controlled public key in the header, and signing the token with the corresponding private key. Applications that use affected versions for token verification are susceptible to this issue.
**Recommendations**
Upgrade to version 0.3.5+1 or later.
Reject tokens where a header `jwk` is present unless that `jwk` matches a key already present in the application's trusted key store.
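As an added illustration of the second recommendation (this is example code written here, not code from the jose package), the key-selection gate below treats a header-supplied `jwk` only as a lookup into the trusted store, matching by RFC 7638 thumbprint so that an attacker-controlled key is never used for verification, even one that copies a trusted `kid`. The trusted key, the token builder and all key values are constructed for the example.

```python
import base64
import hashlib
import json

# RFC 7638 required members per key type; the thumbprint is SHA-256 over these members only
_REQUIRED = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n"), "oct": ("k", "kty")}


def _b64url_decode(data: str) -> bytes:
    return base64.urlsafe_b64decode(data + "=" * (-len(data) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint: required members only, keys sorted, no whitespace, SHA-256, base64url."""
    kty = jwk.get("kty")
    if kty not in _REQUIRED:
        raise ValueError(f"unsupported kty: {kty!r}")
    canonical = {m: jwk[m] for m in _REQUIRED[kty]}  # KeyError if a required member is missing
    digest = hashlib.sha256(json.dumps(canonical, separators=(",", ":"), sort_keys=True).encode()).digest()
    return _b64url_encode(digest)


def select_verification_key(token: str, trusted_keys: list) -> dict:
    """Pick the trusted key to verify `token` with; never return a key that came from the header."""
    header = json.loads(_b64url_decode(token.split(".")[0]))
    by_thumbprint = {jwk_thumbprint(k): k for k in trusted_keys}
    embedded = header.get("jwk")
    if embedded is not None:
        # kid, use, alg and other extra members do not enter the thumbprint, so a copied kid cannot help
        match = by_thumbprint.get(jwk_thumbprint(embedded))
        if match is None:
            raise ValueError("header jwk is not in the trusted key store; token rejected")
        return match  # the stored copy is used downstream, not the header's version of the key
    kid = header.get("kid")
    for key in trusted_keys:
        if kid is not None and key.get("kid") == kid:
            return key
    raise ValueError("no trusted key matches the token header")


# Constructed sample data: a trusted key and a token builder. The signature segment is a placeholder;
# the signature check itself runs after key selection and is outside this example.
TRUSTED_KEY = {"kty": "EC", "crv": "P-256", "kid": "app-key-1", "x": "dHJ1c3RlZC14", "y": "dHJ1c3RlZC15"}


def make_token(header: dict) -> str:
    payload = _b64url_encode(json.dumps({"sub": "alice"}).encode())
    return ".".join([_b64url_encode(json.dumps(header).encode()), payload, _b64url_encode(b"sig")])
```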