3 matches found
CVE-2020-15240
omniauth-auth0 rubygems versions = 2.3.0 and 2.4.1 improperly validate the JWT token signature when using the jwtvalidator.verify method. Improper validation of the JWT token signature can allow an attacker to bypass authentication and authorization. You are affected by this vulnerability if all ...
CVE-2020-15240
Summary: The vulnerability CVE-2020-15240 affects the Ruby gem omniauth-auth0 (versions >= 2.3.0 and
CVE-2020-15240 Regression in JWT Signature Validation
omniauth-auth0 rubygems versions = 2.3.0 and 2.4.1 improperly validate the JWT token signature when using the jwtvalidator.verify method. Improper validation of the JWT token signature can allow an attacker to bypass authentication and authorization. You are affected by this vulnerability if all ...