[]() While application development has evolved rapidly, the API man ...
Continue Reading
December 15, 2023
Summary The json-web-token library is vulnerable to a JWT algorithm confusion attack. Details On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT t ...
Continue Reading
December 15, 2023
NextAuth.js provides authentication for Next.js. next-auth applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could cre ...
Continue Reading
December 15, 2023
The D-Link D-View 8 web server running on the remote host uses a hard-coded key to protect a JWT token. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to bypass ...
Continue Reading
December 15, 2023
The D-Link D-View 8 web server running on the remote host uses a hard-coded key to protect a JWT token. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to bypass ...
Continue Reading
December 15, 2023
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...
Continue Reading
December 15, 2023
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...
Continue Reading
December 15, 2023
Summary The json-web-token library is vulnerable to a JWT algorithm confusion attack. Details On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT t ...
Continue Reading
December 15, 2023
Back to Main
