The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read More ...
Continue Reading
March 06, 2024
The json-jwt (aka JSON::JWT) gem versions 1.16.5 and below sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read Mo ...
Continue Reading
March 03, 2024
The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read More ...
Continue Reading
March 02, 2024
The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read More ...
Continue Reading
March 01, 2024
The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read More ...
Continue Reading
February 29, 2024
Vulnerabilities for packages:...Read More ...
Continue Reading
February 26, 2024
Vulnerabilities for packages:...Read More ...
Continue Reading
February 26, 2024
Vulnerabilities for packages: py3-urllib3-1, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, jwt-tool, py3-tensorflow-serving-api,...Read More ...
Continue Reading
February 26, 2024
Back to Main
