CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51774
https://notcve.org/view.php?id=CVE-2023-51774
25 Dec 2023 — The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode. La gema json-jwt (también conocida como JSON::JWT) 1.16.3 para Ruby a veces permite eludir los controles de identidad mediante un ataque de confusión de signo/cifrado. Por ejemplo, a veces se puede utilizar JWE para omitir JSON::JWT.decode. • https://github.com/P3ngu1nW/CVE_Request/blob/main/novjson-jwt.md • CWE-284: Improper Access Control •
CVSS: 9.4EPSS: 69%CPEs: 1EXPL: 2CVE-2022-39227 – Python-jwt subject to Authentication Bypass by Spoofing
https://notcve.org/view.php?id=CVE-2022-39227
23 Sep 2022 — python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its contents without knowing the secret key. Depending on the application, this may for example enable the attacker to spoof other user's identities, hijack their sessions, or bypass authentication. Users should upgrade to version 3.3.4. • https://github.com/user0x1337/CVE-2022-39227 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24804 – Simple JWT Login < 3.2.1 - Arbitrary Settings Update to Site Takeover via CSRF
https://notcve.org/view.php?id=CVE-2021-24804
18 Oct 2021 — The Simple JWT Login WordPress plugin before 3.2.1 does not have nonce checks when saving its settings, allowing attackers to make a logged in admin changed them. Settings such as HMAC verification secret, account registering and default user roles can be updated, which could result in site takeover. El plugin Simple JWT Login de WordPress versiones anteriores a 3.2.1, no presenta comprobaciones de nonce cuando guarda sus configuraciones, lo que permite a atacantes hacer que un administrador conectado las c... • https://wpscan.com/vulnerability/6f015e8e-462b-4ef7-a9a1-bb91e7d28e37 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24998 – Simple JWT Login < 3.3.0 - Insecure Password Creation
https://notcve.org/view.php?id=CVE-2021-24998
13 Oct 2021 — The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user accounts with a randomly generated password. The password is generated using the str_shuffle PHP function that "does not generate cryptographically secure values, and should not be used for cryptographic purposes" according to PHP's documentation. El plugin Simple JWT Login de WordPress versiones anteriores a 3.3.0, puede ser usado para crear nuevas cuentas de usuario en WordPress con una contraseña generada aleatori... • https://plugins.trac.wordpress.org/changeset/2613782 • CWE-326: Inadequate Encryption Strength CWE-330: Use of Insufficiently Random Values •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2021-41106 – File reference keys leads to incorrect hashes on HMAC algorithms
https://notcve.org/view.php?id=CVE-2021-41106
28 Sep 2021 — JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms (HS256, HS384, and HS512) combined with `Lcobucci\JWT\Signer\Key\LocalFileReference` as key are having their tokens issued/validated using the file path as hashing key - instead of the contents. The HMAC hashing functions take any string as input and, since users can issue and validate tokens, users are lead to believe that everything works properly. Versions 3.4.6, ... • https://github.com/lcobucci/jwt/commit/8175de5b841fbe3fd97d2d49b3fc15c4ecb39a73 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26160 – jwt-go: access restriction bypass vulnerability
https://notcve.org/view.php?id=CVE-2020-26160
30 Sep 2020 — jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check. jwt-go versiones anteriores a 4.0.0-preview1, permite a atacantes omitir las restricciones de acceso previstas en situaciones con []string{} para m["aud"] (que está permitido por l... • https://github.com/dgrijalva/jwt-go/pull/426 • CWE-284: Improper Access Control CWE-287: Improper Authentication CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18848
https://notcve.org/view.php?id=CVE-2019-18848
12 Nov 2019 — The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. La gema json-jwt versiones anteriores a 1.11.0 para Ruby, carece de un conteo de elementos durante la división de una cadena JWE. • https://github.com/nov/json-jwt/commit/ada16e772906efdd035e3df49cb2ae372f0f948a • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-1010161
https://notcve.org/view.php?id=CVE-2019-1010161
25 Jul 2019 — perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypass authentication). The fixed version is: 0.023. perl-CRYPT-JWT versión 0.022 y versiones anteriores esta afectado por: Control de Acceso Incorrecto. • https://github.com/DCIT/perl-Crypt-JWT/issues/3#issuecomment-417947483 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000539 – Debian Security Advisory 4283-1
https://notcve.org/view.php?id=CVE-2018-1000539
26 Jun 2018 — Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 1.9.4 and later. Nov json-jwt, en versiones 0.5.0 hasta la 1.9.4 contiene una vulnerabilidad CWE-347: verificación incorrecta de firmas criptográficas en el descifra... • https://github.com/nov/json-jwt/pull/62 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 6.5EPSS: 58%CPEs: 1EXPL: 4CVE-2016-10555
https://notcve.org/view.php?id=CVE-2016-10555
31 May 2018 — Since "algorithm" isn't enforced in jwt.decode()in jwt-simple 0.3.0 and earlier, a malicious user could choose what algorithm is sent sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. Como "algorithm" no se aplica en jwt.decode() en jwt-simple en versiones 0.3.0 y anteriores, un usuario malicioso podría elegir qué algoritmo se envía al ser... • https://github.com/thepcn3rd/jwtToken-CVE-2016-10555 • CWE-20: Improper Input Validation CWE-310: Cryptographic Issues •