Lucene search
GoogleOSV:CVE-2018-1000539HistoryJun 26, 2018 - 4:29 p.m.
CVE-2018-1000539
2018-06-2616:29:00
Google
osv.dev
5
Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 1.9.4 and later.
Related
cvelist
cvelist
CVE-2018-1000539
2018-06-26 16:00:00
prion
prion
Design/Logic Flaw
2018-06-26 16:29:00
openvas
openvas
Debian: Security Advisory (DSA-4283-1)
2018-08-30 00:00:00
osv
osv
ruby-json-jwt - security update
2018-08-31 00:00:00
Json-jwt did not verify the cryptographic signature for data
2018-07-31 18:13:51
cve
cve
CVE-2018-1000539
2018-06-26 16:29:02
CVE-2018-3768
2018-07-05 16:29:00
nessus
nessus
Debian DSA-4283-1 : ruby-json-jwt - security update
2018-09-04 00:00:00
debian
debian
[SECURITY] [DSA 4283-1] ruby-json-jwt security update
2018-08-31 21:55:21
veracode
veracode
Authentication Bypass
2018-05-21 03:00:08
github
github
Json-jwt did not verify the cryptographic signature for data
2018-07-31 18:13:51
ubuntucve
ubuntucve
CVE-2018-1000539
2018-06-26 00:00:00
nvd
nvd
CVE-2018-1000539
2018-06-26 16:29:02
CVE-2018-3768
2018-07-05 16:29:00
debiancve
debiancve
CVE-2018-1000539
2018-06-26 16:29:02