Lucene search
Veracode Vulnerability DatabaseVERACODE:30025HistoryApr 19, 2021 - 5:25 a.m.
Insecure JWT Verification
2021-04-1905:25:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
49.1%
portofino-dispatcher performs insecure JWT token verification. The lack of proper JSON Web Token signature verification allows an attacker to successfully forge a JWT which would otherwise pass verification.
| CPE | Name | Operator | Version |
|---|---|---|---|
| portofino-core | le | 5.2.0 | |
| portofino-dispatcher | le | 5.2.0 |
Related
cvelist
cvelist
nvd
nvd
CVE-2021-29451
2021-04-16 22:15:14
cve
cve
CVE-2021-29451
2021-04-16 22:15:14
prion
prion
Code injection
2021-04-16 22:15:00
github
github
Missing validation of JWT signature in `ManyDesigns/Portofino`
2021-04-19 14:56:33
osv
osv
CVE-2021-29451
2021-04-16 22:15:14
Missing validation of JWT signature in `ManyDesigns/Portofino`
2021-04-19 14:56:33