Lucene search
K

7 matches found

nessus
nessus
added 2025/08/27 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2019-18848

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. CVE-2019-18848 Note that Nessus relies on the presence of t...

7.5CVSS7.2AI score0.01257EPSS
Exploits0References2
openvas
openvas
added 2025/01/08 12:0 a.m.13 views

openSUSE Security Advisory (openSUSE-SU-2025:0004-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.2AI score0.01257EPSS
Exploits1References5
nessus
nessus
added 2025/01/08 12:0 a.m.15 views

openSUSE 15 Security Update : rubygem-json-jwt (openSUSE-SU-2025:0004-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0004-1 advisory. - New upstream release 1.16.6, see bundled CHANGELOG.md - Remove padding oracle by @btoews in https://github.com/nov/json-jwt/pull/109 - Fixes...

8.4CVSS6.9AI score0.01257EPSS
Exploits1References7
osv
osv
added 2025/01/07 5:1 p.m.13 views

OPENSUSE-SU-2025:0004-1 Security update for rubygem-json-jwt

This update for rubygem-json-jwt fixes the following issues: - New upstream release 1.16.6, see bundled CHANGELOG.md - Remove padding oracle by @btoews in https://github.com/nov/json-jwt/pull/109 - Fixes CVE-2023-51774 boo1220727 - updated to version 1.11.0 - no changelog found - Fixes...

8.4CVSS6.9AI score0.01257EPSS
Exploits1References5
debian
debian
added 2020/10/01 12:22 p.m.69 views

[SECURITY] [DLA 2390-1] ruby-json-jwt security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2390-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta October 01, 2020 https://wiki.debian.org/LTS -...

7.5CVSS7.4AI score0.01257EPSS
Exploits0
cve
cve
added 2019/11/12 2:23 p.m.110 views

CVE-2019-18848

CVE-2019-18848 affects the rubygem-json-jwt library for Ruby, where versions prior to 1.11.0 fail to enforce an element count when splitting a JWE string. This is documented across multiple advisories (Debian DLA-2390-1, openSUSE/SUSE advisories) indicating the issue and references to upgrading t...

7.5CVSS7.3AI score0.01257EPSS
Exploits0References3Affected Software1
debiancve
debiancve
added 2019/11/12 2:23 p.m.40 views

CVE-2019-18848

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5CVSS7.5AI score0.01257EPSS
Exploits0
Rows per page
Query Builder