exploitDog

GHSA-7w7c-8h3c-g577

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance.

Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance.

Ссылки

EPSS

Процентиль: 57%

0.00344

Низкий

CVE ID

Связанные уязвимости

CVE-2019-19324

CVSS3: 7.5

nvd

почти 6 лет назад

Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance.

EPSS

Процентиль: 57%

0.00344

Низкий

CVE ID