Описание
php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record.
Ссылки
- Third Party Advisory
- Product
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 6.11.0 (включая)
cpe:2.3:a:google:firebase_php-jwt:*:*:*:*:*:*:*:*
EPSS
Процентиль: 2%
0.00013
Низкий
7.3 High
CVSS3
Дефекты
CWE-326
Связанные уязвимости
CVSS3: 7.3
github
6 месяцев назад
php-jwt v6.11.0 was discovered to contain weak encryption.
EPSS
Процентиль: 2%
0.00013
Низкий
7.3 High
CVSS3
Дефекты
CWE-326