CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2025/05/22 1:13 p.m.•6 views

CVE-2018-1000125

inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack...

9.8CVSS6.9AI score0.00411EPSS

Exploits0References1

OSV•added 2018/06/26 4:29 p.m.•17 views

CVE-2018-1000531

inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header usi...

7.5CVSS7.5AI score

Exploits0References1

Cvelist•added 2018/06/26 4:0 p.m.•12 views

CVE-2018-1000531

7.5AI score0.00451EPSS

Exploits0References1

NVD•added 2018/03/13 9:29 p.m.•9 views

CVE-2018-1000125

9.8CVSS9.5AI score0.00411EPSS

Exploits0References2

Prion•added 2018/03/13 9:29 p.m.•12 views

Input validation

7.5CVSS9.4AI score0.00411EPSS

Exploits0References2Affected Software1

OSV•added 2018/03/13 9:29 p.m.•11 views

CVE-2018-1000125

9.8CVSS9.6AI score

Exploits0References2

CVE•added 2018/03/13 9:0 p.m.•47 views

CVE-2018-1000125

CVE-2018-1000125 affects inversoft prime-jwt prior to version 1.3.0 (before commit 0d94dcef0133d699f21d217e922564adbb83a227). The vulnerability is in JWTDecoder.decode, where input validation can allow a JWT to be decoded and implicitly validated even if the signature is invalid. Attackers can cr...

9.8CVSS9.4AI score0.00411EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by