Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Auth0Jsonwebtoken

4 matches found

CVE
CVEadded 2022/12/22 7:15 p.m.202 views

CVE-2022-23540

In versions

7.6CVSS7AI score0.00027EPSS
CVE
CVEadded 2022/12/22 6:15 p.m.170 views

CVE-2022-23541

jsonwebtoken is an implementation of JSON Web Tokens. Versions

6.3CVSS5.8AI score0.00052EPSS
CVE
CVEadded 2022/12/23 12:15 a.m.162 views

CVE-2022-23539

Versions

8.1CVSS6.7AI score0.00075EPSS
CVE
CVEadded 2018/05/29 8:29 p.m.48 views

CVE-2015-9235

In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).

9.8CVSS9.3AI score0.41149EPSS