3 matches found
CVE-2020-28042
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...
CVE-2020-28042
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...
CVE-2020-28042
ServiceStack prior to version 5.9.2 is vulnerable to a JWT signature verification bypass. The issue arises because the library mishandles signature checks unless an application uses a custom ValidateToken function that enforces a minimum signature length. Affected component is ServiceStack JWT ha...