Lucene search
+L

7 matches found

Tenable Nessus
Tenable Nessus
added 2018/09/04 12:0 a.m.23 views

Debian DSA-4283-1 : ruby-json-jwt - security update

It was discovered that ruby-json-jwt, a Ruby implementation of JSON web tokens performed insufficient validation of GCM auth tags. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4283. The text itself is...

5.3CVSS5.5AI score0.00777EPSS
Exploits0References4
Debian
Debian
added 2018/08/31 9:55 p.m.48 views

[SECURITY] [DSA 4283-1] ruby-json-jwt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4283-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 31, 2018 https://www.debian.org/security/faq -...

5.3CVSS5AI score0.00777EPSS
Exploits0
CVE
CVE
added 2018/07/05 4:0 p.m.38 views

CVE-2018-3768

CVE-2018-3768 is a rejected candidate; reference CVE-2018-1000539 instead.

5.1AI score
Exploits0
OSV
OSV
added 2018/06/26 4:29 p.m.22 views

CVE-2018-1000539

Nov json-jwt version = 0.5.0 && 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. Th...

5.3CVSS5.7AI score0.00777EPSS
Exploits0References2
NVD
NVD
added 2018/06/26 4:29 p.m.18 views

CVE-2018-1000539

Nov json-jwt version = 0.5.0 && 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. Th...

5.3CVSS5.3AI score0.00777EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2018/06/26 4:0 p.m.54 views

CVE-2018-1000539

Nov json-jwt version = 0.5.0 && 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. Th...

5.3CVSS5.3AI score0.00777EPSS
Exploits0
CVE
CVE
added 2018/06/26 4:0 p.m.100 views

CVE-2018-1000539

CVE-2018-1000539 affects the ruby-json-jwt gem (versions >=0.5.0 and

5.3CVSS5.1AI score0.00777EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder