5 matches found
CVE-2024-54150
cjwt is a C JSON Web Token JWT Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between signing methods. If the system doesn't differentiate between an HMAC signed token and an RS/EC/PS...
CVE-2024-54150
cjwt is a C JSON Web Token JWT Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between signing methods. If the system doesn't differentiate between an HMAC signed token and an RS/EC/PS...
CVE-2024-54150 Algorithm Confusion Vulnerability in cjwt
cjwt is a C JSON Web Token JWT Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between signing methods. If the system doesn't differentiate between an HMAC signed token and an RS/EC/PS...
CVE-2024-54150
CVE-2024-54150 (cjwt) is a vulnerability in the C JWT implementation where signature verification fails to differentiate between symmetric and asymmetric signing methods (e.g., HS256 vs RS256/PS/EC). The root cause is algorithm confusion during verification, which can allow an attacker to forge t...
CVE-2024-54150 Algorithm Confusion Vulnerability in cjwt
cjwt is a C JSON Web Token JWT Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between signing methods. If the system doesn't differentiate between an HMAC signed token and an RS/EC/PS...