inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains CWE-20 vulnerability in JWTDecoder.decode resulting in incorrect signature validation of JWT token. Fixed after commit abb0d479389a2509f939452a6767dc424bb5e6ba
Reporter | Title | Published | Views | Family All 5 |
---|---|---|---|---|
Prion | Design/Logic Flaw | 26 Jun 201816:29 | – | prion |
Cvelist | CVE-2018-1000531 | 26 Jun 201816:00 | – | cvelist |
Veracode | Validation Bypass | 27 Jun 201808:11 | – | veracode |
CVE | CVE-2018-1000531 | 26 Jun 201816:29 | – | cve |
NVD | CVE-2018-1000531 | 26 Jun 201816:29 | – | nvd |
Source | Link |
---|---|
github | www.github.com/inversoft/prime-jwt/issues/3 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo