Lucene search
+L

13 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-1849

Malware in sbrugna...

9.8CVSS9.5AI score0.01414EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-1923

Malware in sbrugna...

7.5CVSS7.6AI score0.01631EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/22 1:13 p.m.15 views

CVE-2018-1000125

inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack...

9.8CVSS6.9AI score0.01414EPSS
Exploits0References1
nvd
nvd
added 2018/06/26 4:29 p.m.28 views

CVE-2018-1000531

inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header usi...

7.5CVSS7.5AI score0.01631EPSS
Exploits0References1
osv
osv
added 2018/06/26 4:29 p.m.24 views

CVE-2018-1000531

inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header usi...

7.5CVSS7.5AI score
Exploits0References1
prion
prion
added 2018/06/26 4:29 p.m.24 views

Design/Logic Flaw

inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header usi...

5CVSS7.5AI score0.01631EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/06/26 4:0 p.m.28 views

CVE-2018-1000531

inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header usi...

7.5AI score0.01631EPSS
Exploits0References1
cnvd
cnvd
added 2018/03/15 12:0 a.m.4 views

Unspecified Vulnerability in inversoft prime-jwt

inversoft prime-jwt is an open source Java 8-based JWT library . A security vulnerability exists in JWTDecoder.decode in versions prior to inversoft prime-jwt 1.3.0 and commit 0d94dcef0133d699f21d217e922564adbb83a227. No details of the vulnerability are provided at this time...

9.8CVSS6.9AI score0.01414EPSS
Exploits0References1
prion
prion
added 2018/03/13 9:29 p.m.13 views

Input validation

inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack...

7.5CVSS9.4AI score0.01414EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2018/03/13 9:29 p.m.21 views

CVE-2018-1000125

inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack...

9.8CVSS9.5AI score0.01414EPSS
Exploits0References2
osv
osv
added 2018/03/13 9:29 p.m.16 views

CVE-2018-1000125

inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack...

9.8CVSS9.6AI score
Exploits0References2
cve
cve
added 2018/03/13 9:0 p.m.53 views

CVE-2018-1000125

CVE-2018-1000125 affects inversoft prime-jwt prior to version 1.3.0 (before commit 0d94dcef0133d699f21d217e922564adbb83a227). The vulnerability is in JWTDecoder.decode, where input validation can allow a JWT to be decoded and implicitly validated even if the signature is invalid. Attackers can cr...

9.8CVSS9.4AI score0.01414EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2018/03/13 9:0 p.m.20 views

CVE-2018-1000125

inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack...

9.5AI score0.01414EPSS
Exploits0References2
Rows per page
Query Builder