Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 10:18 a.m.6 views

CVE-2019-18848

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5CVSS6.8AI score0.00207EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/09/03 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-51774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The json-jwt aka JSON::JWT gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes...

8.4CVSS6.6AI score0.00011EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-18848

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. CVE-2019-18848 Note that Nessus relies on the presence of t...

7.5CVSS7.2AI score0.00207EPSS
Exploits0References2
NVD
NVDadded 2024/02/29 1:42 a.m.9 views

CVE-2023-51774

The json-jwt aka JSON::JWT gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode...

8.4CVSS6.4AI score0.00011EPSS
Exploits1References1
Prion
Prionadded 2024/02/29 1:42 a.m.18 views

Design/Logic Flaw

The json-jwt aka JSON::JWT gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode...

7.1AI score0.00011EPSS
Exploits1References1
RubySec
RubySecadded 2024/02/29 12:0 a.m.22 views

json-jwt allows bypass of identity checks via a sign/encryption confusion attack

The json-jwt aka JSON::JWT gem versions 1.16.5 and below sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode...

8.4CVSS7AI score0.00011EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2019/11/14 3:25 p.m.19 views

GHSA-CFF7-6H4Q-Q5PJ JSON-jwt Gem lacked element count during splitting of JWE string

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5CVSS7.5AI score0.00207EPSS
Exploits0References6
NVD
NVDadded 2019/11/12 3:15 p.m.10 views

CVE-2019-18848

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5CVSS7.5AI score0.00207EPSS
Exploits0References3
OSV
OSVadded 2019/11/12 3:15 p.m.12 views

CVE-2019-18848

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5CVSS6.7AI score
Exploits0References3
OSV
OSVadded 2019/11/12 3:15 p.m.1 views

UBUNTU-CVE-2019-18848

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5CVSS5.8AI score0.00207EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2019/11/12 3:15 p.m.19 views

CVE-2019-18848

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5CVSS7.1AI score0.00207EPSS
Exploits0References3
Cvelist
Cvelistadded 2019/11/12 2:23 p.m.19 views

CVE-2019-18848

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5AI score0.00207EPSS
Exploits0References3
Rows per page
Query Builder