Tag: JWT
Problems related to JSON Web Tokens, such as invalid signatures, expired tokens, or malformed claims
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| CRE-2025-0131 High Impact: 10/10 Mitigation: 4/10 | Supabase Self-Hosted: JWT Secret Missing or Invalid Configuration | Detects when Supabase self-hosted services fail due to missing, empty, or invalid JWT_SECRET configuration. This affects Auth service, REST API, and all authentication-dependent operations. Invalid JWT secrets prevent API token validation and break the entire authentication flow. | authentication | supabase | SupabaseAuthenticationJWTConfigurationSecurityApi KeySelf-HostedPublic |