8 matches found
EUVD-2022-5819
Malicious code in bioql PyPI...
CVE-2016-5431
The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens...
GHSA-XM5F-HC9R-76F3 PHP JOSE Library by Gree Inc. Uses a Broken or Risky Cryptographic Algorithm
The PHP JOSE Library by Gree Inc. prior to 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens...
Signature Verification Bypass
gree/jose is vulnerable to signature verification bypass. The vulnerability exists as there was an issue in the key confusion/algorithm substitution...
CVE-2016-5431
The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens...
CVE-2016-5431
The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens...
CVE-2016-5431
The CVE concerns the PHP JOSE Library by Gree Inc. prior to version 2.2.1. The underlying issue is key confusion/algorithm substitution in the JWS component, which allows bypassing signature verification with crafted tokens. Affected software/version: PHP JOSE Library
PT-2019-7833 · Php · Php Jose Library
Name of the Vulnerable Software and Affected Versions: PHP JOSE Library versions prior to 2.2.1 Description: The issue allows for key confusion/algorithm substitution in the JWS component, resulting in the bypassing of signature verification via crafted tokens. Recommendations: For versions prior...