pkg:maven/com.nimbusds/nimbus-jose-jwt
Type
maven
Namespace
com.nimbusds
Name
nimbus-jose-jwt
Known advisories, vulnerabilities and fixes for com.nimbusds/nimbus-jose-jwt package.
Critical
1
High
2
Moderate
1
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 4.39 |
CVE-2017-12972
|
MAVEN:GHSA-2QP9-WG27-9PCV | Nimbus JOSE+JWT missing overflow check | high |
2022-05-13T01:30:32
(2 years ago) |
|
Fixed | = 4.39 |
CVE-2017-12972
|
MAVEN:GHSA-2QP9-WG27-9PCV | Nimbus JOSE+JWT missing overflow check | high |
2022-05-13T01:30:32
(2 years ago) |
|
Affected | < 7.9 |
CVE-2019-17195
|
MAVEN:GHSA-F6VF-PQ8C-69M4 | Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT | critical |
2019-10-16T18:31:17
(4 years ago) |
|
Fixed | = 7.9 |
CVE-2019-17195
|
MAVEN:GHSA-F6VF-PQ8C-69M4 | Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT | critical |
2019-10-16T18:31:17
(4 years ago) |
|
Affected | < 9.37.2 |
CVE-2023-52428
|
MAVEN:GHSA-GVPG-VGMX-XG6W | Denial of Service in Connect2id Nimbus JOSE+JWT | moderate |
2024-02-11T06:30:27
(7 months ago) |
|
Fixed | = 9.37.2 |
CVE-2023-52428
|
MAVEN:GHSA-GVPG-VGMX-XG6W | Denial of Service in Connect2id Nimbus JOSE+JWT | moderate |
2024-02-11T06:30:27
(7 months ago) |
|
Affected | < 4.39 |
CVE-2017-12973
|
MAVEN:GHSA-JFMQ-4G4M-99RH | Nimbus JOSE+JWT vulnerable to padding oracle attack | low |
2022-05-13T01:42:51
(2 years ago) |
|
Fixed | = 4.39 |
CVE-2017-12973
|
MAVEN:GHSA-JFMQ-4G4M-99RH | Nimbus JOSE+JWT vulnerable to padding oracle attack | low |
2022-05-13T01:42:51
(2 years ago) |
|
Affected | < 4.36 |
CVE-2017-12974
|
MAVEN:GHSA-PFV2-37F7-9M6W | Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT | high |
2022-05-13T01:30:32
(2 years ago) |
|
Fixed | = 4.36 |
CVE-2017-12974
|
MAVEN:GHSA-PFV2-37F7-9M6W | Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT | high |
2022-05-13T01:30:32
(2 years ago) |