2 matches found
jsonwebtoken node module bypass authentication vulnerability
The jsonwebtoken node module is a JSON Web Taken JWT implementation for node.js. A security vulnerability exists in the jsonwebtoken node module prior to version 4.2.2, which stems from the program using the same signature to validate two types of tokens. An attacker could use this vulnerability ...
Portable Document Format - Specification Signature Collision
Portable Document Format - Specification Signature Collision source: https://www.securityfocus.com/bid/42377/info The Portable Document Format PDF specification is prone to a signature-collision attack when signing PDF documents. An attacker can exploit this issue to create PDF documents containi...