light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.Read More ...
Continue Reading
December 15, 2023
joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. Affect ...
Continue Reading
December 15, 2023
fast-jwt provides fast JSON Web Token (JWT) implementation. Prior to version 3.3.2, the fast-jwt library does not properly prevent JWT algorithm confusion for all public key types. The 'publicKey ...
Continue Reading
December 15, 2023
- ------------------------------------------------------------------------- Debian Security Advisory DSA-5529-1 [email protected] https://www.debian.org/security/ ...
Continue Reading
December 15, 2023
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5529 advisory. Note that Nessus has not tested for this issue but has instead relied only ...
Continue Reading
December 15, 2023
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5529 advisory. Note that Nessus has not tested for this issue but has instead relied only ...
Continue Reading
December 15, 2023
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...
Continue Reading
December 15, 2023
light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.Read More ...
Continue Reading
December 15, 2023
Back to Main
