Lucene search
K

7 matches found

UbuntuCve
UbuntuCve
added 2026/03/27 11:17 p.m.4 views

CVE-2026-33996

LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to version 3.3.0, the JWK parsing for RSA-PSS did not protect against a NULL value when expecting to parse JSON string values. A specially crafted JWK file could exploit this behavior by using integers in places where the...

5.8CVSS5.8AI score0.0015EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/27 10:21 p.m.4 views

EUVD-2026-16899

LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to version 3.3.0, the JWK parsing for RSA-PSS did not protect against a NULL value when expecting to parse JSON string values. A specially crafted JWK file could exploit this behavior by using integers in places where the...

5.8CVSS5.9AI score0.0015EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 10:21 p.m.2 views

CVE-2026-33996

LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to version 3.3.0, the JWK parsing for RSA-PSS did not protect against a NULL value when expecting to parse JSON string values. A specially crafted JWK file could exploit this behavior by using integers in places where the...

5.8CVSS5.9AI score0.0015EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/27 10:21 p.m.2 views

CVE-2026-33996

LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to version 3.3.0, the JWK parsing for RSA-PSS did not protect against a NULL value when expecting to parse JSON string values. A specially crafted JWK file could exploit this behavior by using integers in places where the...

5.8CVSS5.9AI score0.0015EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/27 10:21 p.m.8 views

CVE-2026-33996 LibJWT has NULL/bounds validation in JWK octet and RSA PSS parsing

LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to version 3.3.0, the JWK parsing for RSA-PSS did not protect against a NULL value when expecting to parse JSON string values. A specially crafted JWK file could exploit this behavior by using integers in places where the...

5.8CVSS5.9AI score0.0015EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/03/27 10:21 p.m.4 views

CVE-2026-33996

LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to version 3.3.0, the JWK parsing for RSA-PSS did not protect against a NULL value when expecting to parse JSON string values. A specially crafted JWK file could exploit this behavior by using integers in places where the...

5.8CVSS5.4AI score0.0015EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.9 views

PT-2026-28589

Name of the Vulnerable Software and Affected Versions LibJWT versions 3.0.0 through 3.2.9 Description LibJWT, a C JSON Web Token Library, has an issue in the RSA-PSS JWK parsing functionality. Versions prior to 3.3.0 do not adequately validate JSON string values, specifically failing to protect...

5.8CVSS5.8AI score0.0015EPSS
Exploits0References4
Rows per page
Query Builder