Количество 3
Количество 3
CVE-2022-0931
3scale's gateway usage of JWT does not properly handle verification of algorithm claims in the token header. An attacker could use this flaw to create a signed token with improper claims and thus to bypass security restrictions for the user.
CVE-2022-0931
Rejected reason: Red Hat Product Security does not consider this to be a vulnerability. Upstream has not acknowledged this issue as a security flaw.
GHSA-ppr8-5788-fjf2
Rejected reason: Red Hat Product Security does not consider this to be a vulnerability. Upstream has not acknowledged this issue as a security flaw.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-0931 3scale's gateway usage of JWT does not properly handle verification of algorithm claims in the token header. An attacker could use this flaw to create a signed token with improper claims and thus to bypass security restrictions for the user. | около 2 лет назад | ||
 | CVE-2022-0931 Rejected reason: Red Hat Product Security does not consider this to be a vulnerability. Upstream has not acknowledged this issue as a security flaw. | около 2 лет назад | ||
| GHSA-ppr8-5788-fjf2 Rejected reason: Red Hat Product Security does not consider this to be a vulnerability. Upstream has not acknowledged this issue as a security flaw. | около 2 лет назад |
Уязвимостей на страницу