4 matches found
Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()
Summary Improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. This issue is not exploitable by an anonymous attacker; it only manifests when a malformed claim value reaches...
NPM: Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()
NPM: Hono has improper validation of NumericDate claims exp, nbf, iat in JWT verify vulnerability discovered by ? in WordPress Npm hono versions 4.12.18...
GHSA-HM8Q-7F3Q-5F36 Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()
Summary Improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. This issue is not exploitable by an anonymous attacker; it only manifests when a malformed claim value reaches...
PT-2026-39329
Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.12.18 Description Improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. This occurs because the...