JWT tokens signed using NKeys for Ed25519 for the NATS...Read More ...
Continue Reading
December 15, 2023
JWT tokens signed using NKeys for Ed25519 for the NATS...Read More ...
Continue Reading
December 15, 2023
A hard-coded cryptographic private key used to sign JWT authentication tokens in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate arbitrary users and roles in web management and RES ...
Continue Reading
December 15, 2023
A vulnerability, which was classified as critical, was found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /article/DelectArticleById/ of the component Article Handler. The mani ...
Continue Reading
December 15, 2023
json-web-token is vulnerable to Json Web Token (JWT) Bypass. The vulnerability is due to an insecure mechanism used while verifying the signature of a JWT. The library blindly trusts the algorithm lis ...
Continue Reading
December 15, 2023
Summary The fast-jwt library does not properly prevent JWT algorithm confusion for all public key types. Details The 'publicKeyPemMatcher' in 'fast-jwt/src/crypto.js' does not prop ...
Continue Reading
December 15, 2023
Summary The fast-jwt library does not properly prevent JWT algorithm confusion for all public key types. Details The 'publicKeyPemMatcher' in 'fast-jwt/src/crypto.js' does not prop ...
Continue Reading
December 15, 2023
fast-jwt is vulnerable to JWT Algorithm Confusion. The vulnerability is caused by a missing validation on publicKeyPemMatcher constant defined in fast-jwt/src/crypto.js which is used to match all comm ...
Continue Reading
December 15, 2023
Back to Main
