The version 1.1.1 fixes the issue by adding the tag length check for the `AES-GCM` algorithm. - https://github.com/jwt/ruby-jwe/security/advisories/GHSA-c7p4-hx26 ...