Authentication Bypass

fast-jwt is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of the iss claim, allowing an array of strings as a valid issuer, which can be exploited for JWT forger ...

CVE-2025-30204 jwt-go allows excessive memory allocation during header parsing

golang-jwt is a Go implementation of JSON Web Tokens. Prior to 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on perio ...

CVE-2025-30204

No description is available for this...

Exploit for CVE-2025-29927

CVE-2025-29927 Authorization Bypass reproduction. This repository is a reproduction of the CVE-2025-29927 vulnerability in the next package. How to reproduce: Follow the steps below to clone, and run th ...

Linux Distros Unpatched Vulnerability : CVE-2024-33664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. python-jose through 3.3.0 allows attackers to cause a denial of ...

GHSA-MH63-6H87-95CP jwt-go allows excessive memory allocation during header parsing

Summary: Function parse.ParseUnverified currently splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authoriza ...

CVE-2025-30204

golang-jwt is a Go implementation of JSON Web Tokens. Prior to 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on perio ...
