Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Json-web-token Security Vulnerabilities

cve
cve

CVE-2023-48238

joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. Affected versions of the json-web-token library are vulnerable to a JWT algorithm confusion attack. On...

7.5CVSS

7.4AI Score

0.0005EPSS

2023-11-17 10:15 PM
41
cve
cve

CVE-2015-10004

Token validation methods are susceptible to a timing side-channel during HMAC comparison. With a large enough number of requests over a low latency connection, an attacker may use this to determine the expected...

7.5CVSS

7.4AI Score

0.001EPSS

2022-12-27 10:15 PM
47