Lucene search
GoogleOSV:GHSA-C8V6-786G-VJX6HistoryFeb 29, 2024 - 3:33 a.m.
json-jwt allows bypass of identity checks via a sign/encryption confusion attack
2024-02-2903:33:14
Google
osv.dev
4
json-jwt
gem
identity checks
sign/encryption confusion
attack
jwe
ruby
The json-jwt (aka JSON::JWT) gem 1.16.x before 1.16.6, 1.15.x before 1.15.3.1 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode.
References
github.com/nov/json-jwt
github.com/nov/json-jwt/commit/593ea8bcaf2629048bad8c036191f2da0a2e713c
github.com/nov/json-jwt/commit/9c4d842a9465bd7960570ca326c3de79b4abc9d0
github.com/nov/json-jwt/issues/120
github.com/nov/json-jwt/issues/121
github.com/P3ngu1nW/CVE_Request/blob/main/novjson-jwt.md
github.com/rubysec/ruby-advisory-db/blob/master/gems/json-jwt/CVE-2023-51774.yml
nvd.nist.gov/vuln/detail/CVE-2023-51774
Related
prion
prion
Design/Logic Flaw
2024-02-29 01:42:00
cve
cve
CVE-2023-51774
2024-02-29 01:42:05
github
github
redhatcve
redhatcve
CVE-2023-51774
2024-02-29 09:03:09
ubuntucve
ubuntucve
CVE-2023-51774
2024-02-29 00:00:00
debiancve
debiancve
CVE-2023-51774
2024-02-29 01:42:05
cgr
cgr
CVE-2023-51774 vulnerabilities
2024-05-08 03:06:48
wolfi
wolfi
CVE-2023-51774 vulnerabilities
2024-05-08 03:55:00