2 matches found
CVE-2022-24404
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...
CVE-2017-18239
A time-sensitive equality check on the JWT signature in the JsonWebToken.validate method in main/scala/authentikat/jwt/JsonWebToken.scala in authentikat-jwt aka com.jason-goodwin/authentikat-jwt version 0.4.5 and earlier allows the supplier of a JWT token to guess bit after bit of the signature b...