CVE-2017-10862

CVSS v3.0 5.3 (Medium)

CVSS v2.0 5 (Medium)

EPSS 0.07 % (31^th)

Affected Products 1

Advisories 1

jwt-scala 1.2.2 and earlier fails to verify token signatures correctly which may lead to an attacker being able to pass specially crafted JWT data as a correctly signed token.

Weaknesses

CWE-345: Insufficient Verification of Data Authenticity

CVE Status: PUBLISHED
CNA: JPCERT/CC
Published Date: 2017-10-12 14:29:00
(7 years ago)
Updated Date: 2017-11-03 16:48:02
(6 years ago)

Affected Products

Really

Jwt-scala

Configuration #1

		CPE23	From	Up To
	Really Jwt-scala 1.2.2 and prior versions	cpe:2.3:a:really:jwt-scala		<= 1.2.2