Impact An attacker could crash the server by sending malformed JWT JSON in LoginPacket due to a security vulnerability in netresearch/jsonmapper, due to attempting to construct objects from scalar typ ...
Continue Reading
March 06, 2024
The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read More ...
Continue Reading
March 06, 2024
The json-jwt (aka JSON::JWT) gem versions 1.16.5 and below sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read Mo ...
Continue Reading
March 03, 2024
The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read More ...
Continue Reading
March 02, 2024
The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read More ...
Continue Reading
March 01, 2024
The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass...Read More ...
Continue Reading
February 29, 2024
Vulnerabilities for packages:...Read More ...
Continue Reading
February 26, 2024
Vulnerabilities for packages:...Read More ...
Continue Reading
February 26, 2024
Back to Main
