Lucene search
+L

10 matches found

githubexploit
githubexploit
added 2025/12/17 3:52 p.m.237 views

Exploit for CVE-2025-65945

CVE-2025-65945: node-jws Signature Bypass This is a proof of...

7.5CVSS7.3AI score0.002EPSS
Exploits1
redhatcve
redhatcve
added 2025/12/05 7:24 p.m.7 views

CVE-2025-65945

auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an improper signature verification vulnerability when using the HS256 algorithm under specific conditions. Applications are affected when they use the...

7.5CVSS6.1AI score0.002EPSS
Exploits1References5
nvd
nvd
added 2025/12/04 7:16 p.m.11 views

CVE-2025-65945

auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an improper signature verification vulnerability when using the HS256 algorithm under specific conditions. Applications are affected when they use the...

7.5CVSS0.002EPSS
Exploits1References2
osv
osv
added 2025/12/04 6:45 p.m.4 views

CVE-2025-65945 auth0/node-jws improper HMAC signature verification vulnerability

auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an improper signature verification vulnerability when using the HS256 algorithm under specific conditions. Applications are affected when they use the...

7.5CVSS6.7AI score0.002EPSS
Exploits1References4
snyk
snyk
added 2025/12/04 4:54 p.m.2 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the createVerify function when using HS256 HMAC algorithms and incorporating user-provided data from the JSON Web Signature Protected Header or Payload in HMAC secret lookup routines...

8.2CVSS6.8AI score0.002EPSS
Exploits1References2
snyk
snyk
added 2025/12/04 4:54 p.m.7 views

Improper Verification of Cryptographic Signature

Overview jws is an Implementation of JSON Web Signatures Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the createVerify function when using HS256 HMAC algorithms and incorporating user-provided data from the JSON Web Signature Protected...

8.2CVSS6.9AI score0.002EPSS
Exploits1References2
osv
osv
added 2025/12/04 4:54 p.m.2 views

GHSA-869P-CJFG-CM3X auth0/node-jws Improperly Verifies HMAC Signature

Overview An improper signature verification vulnerability exists when using auth0/node-jws with the HS256 algorithm under specific conditions. Am I Affected? You are affected by this vulnerability if you meet all of the following preconditions: 1. Application uses the auth0/node-jws implementatio...

7.5CVSS6.6AI score0.002EPSS
Exploits1References7
github
github
added 2025/12/04 4:54 p.m.14 views

auth0/node-jws Improperly Verifies HMAC Signature

Overview An improper signature verification vulnerability exists when using auth0/node-jws with the HS256 algorithm under specific conditions. Am I Affected? You are affected by this vulnerability if you meet all of the following preconditions: 1. Application uses the auth0/node-jws implementatio...

7.5CVSS6.9AI score0.002EPSS
Exploits1References7Affected Software1
ptsecurity
ptsecurity
added 2025/12/04 12:0 a.m.5 views

PT-2025-49117

Name of the Vulnerable Software and Affected Versions auth0/node-jws versions 3.2.2 and earlier auth0/node-jws version 4.0.0 Description auth0/node-jws is a JSON Web Signature implementation for Node.js. A flaw exists in signature verification when using the HS256 algorithm under specific...

7.5CVSS6.3AI score0.00403EPSS
Exploits2References48
snyk
snyk
added 2025/09/05 12:0 a.m.1 views

External Control of File Name or Path

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to External Control of File Name or Path due to the vault secret lookup not accounting for the Windows file...

5.1CVSS3.9AI score0.00727EPSS
Exploits0References2
Rows per page
Query Builder