Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-1010263

Опубликовано: 17 июл. 2019
Источник: nvd
CVSS3: 9.8
CVSS2: 7.5
EPSS Низкий

Описание

Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is: after commit b98a59b42ded9f9e51b2560410106207c2152d6c.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:perl_crypt\:\:jwt_project:perl_crypt\:\:jwt:*:*:*:*:*:*:*:*
Версия до 0.023 (исключая)

EPSS

Процентиль: 48%
0.00251
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-347

Связанные уязвимости

ubuntu логотип

CVE-2019-1010263

CVSS3: 9.8
ubuntu
больше 6 лет назад

Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is: after commit b98a59b42ded9f9e51b2560410106207c2152d6c.

debian логотип

CVE-2019-1010263

CVSS3: 9.8
debian
больше 6 лет назад

Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Contro ...

github логотип

GHSA-54vx-xvq8-jh85

CVSS3: 9.8
github
больше 3 лет назад

Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is: after commit b98a59b42ded9f9e51b2560410106207c2152d6c.

EPSS

Процентиль: 48%
0.00251
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-347