diff --git a/vuln/npm/87.json b/vuln/npm/87.json
index 3c9fe220..f758b979 100644
--- a/vuln/npm/87.json
+++ b/vuln/npm/87.json
@@ -7,8 +7,8 @@
 "module_name": "jwt-simple",
 "publish_date": "2016-10-31T20:32:51+00:00",
 "cves": [],
- "vulnerable_versions": null,
- "patched_versions": null,
+ "vulnerable_versions": "< 0.3.0",
+ "patched_versions": ">= 0.3.0",
 "slug": "jwt-simple_forgeable-publicprivate-tokens",
 "overview": "Since \"algorithm\" isn't enforced in jwt.decode(), a malicious user could choose what algorithm is sent sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants.",
 "recommendation": "Change jwt.decode() to include an algorithm parameter.",
@@ -16,4 +16,4 @@
 "cvss_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
 "cvss_score": 4.2,
 "coordinating_vendor": "^Lift Security"
-}
\ No newline at end of file
+}
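Review bot: The unchanged `recommendation` in the first hunk (`@@ -7,8 +7,8 @@`) no longer lines up with the ranges this commit adds: `patched_versions` now says `>= 0.3.0`, so tooling that consumes the record will stop flagging a project once it is on 0.3.0, while the text still only tells the reader to change jwt.decode() and never mentions upgrading. If the 0.3.0 fix only takes effect when the caller passes the expected algorithm (worth confirming against the release), an upgraded application that still calls decode without it could be reported as clean while remaining exposed to the confusion described in `overview`. I would state both steps, e.g. `"recommendation": "Upgrade to 0.3.0 or later and pass the expected algorithm explicitly to jwt.decode()."`. Separately, `cves` is still `[]`; if an identifier has been assigned to this issue, it belongs here alongside the version ranges.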