The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode. (CVE-2023-51774) Note that Nessus relies on the presence of the package as reported by the vendor. File data…Read More
Linux Distros Unpatched Vulnerability : CVE-2023-51774
