1. Home
  2. Packages
  3. maven
  4. com.nimbusds
  5. nimbus-jose-jwt

pkg:maven/com.nimbusds/nimbus-jose-jwt

Type maven
Namespace com.nimbusds
Name nimbus-jose-jwt

Known advisories, vulnerabilities and fixes for com.nimbusds/nimbus-jose-jwt package.

Repository
https://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt
Critical 1
High 2
Moderate 1
Low 1
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected < 4.39 CVE-2017-12972
maven MAVEN:GHSA-2QP9-WG27-9PCV Nimbus JOSE+JWT missing overflow check high 2022-05-13T01:30:32
(2 years ago)
Fixed = 4.39 CVE-2017-12972
maven MAVEN:GHSA-2QP9-WG27-9PCV Nimbus JOSE+JWT missing overflow check high 2022-05-13T01:30:32
(2 years ago)
Affected < 7.9 CVE-2019-17195
maven MAVEN:GHSA-F6VF-PQ8C-69M4 Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT critical 2019-10-16T18:31:17
(4 years ago)
Fixed = 7.9 CVE-2019-17195
maven MAVEN:GHSA-F6VF-PQ8C-69M4 Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT critical 2019-10-16T18:31:17
(4 years ago)
Affected < 9.37.2 CVE-2023-52428
maven MAVEN:GHSA-GVPG-VGMX-XG6W Denial of Service in Connect2id Nimbus JOSE+JWT moderate 2024-02-11T06:30:27
(7 months ago)
Fixed = 9.37.2 CVE-2023-52428
maven MAVEN:GHSA-GVPG-VGMX-XG6W Denial of Service in Connect2id Nimbus JOSE+JWT moderate 2024-02-11T06:30:27
(7 months ago)
Affected < 4.39 CVE-2017-12973
maven MAVEN:GHSA-JFMQ-4G4M-99RH Nimbus JOSE+JWT vulnerable to padding oracle attack low 2022-05-13T01:42:51
(2 years ago)
Fixed = 4.39 CVE-2017-12973
maven MAVEN:GHSA-JFMQ-4G4M-99RH Nimbus JOSE+JWT vulnerable to padding oracle attack low 2022-05-13T01:42:51
(2 years ago)
Affected < 4.36 CVE-2017-12974
maven MAVEN:GHSA-PFV2-37F7-9M6W Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT high 2022-05-13T01:30:32
(2 years ago)
Fixed = 4.36 CVE-2017-12974
maven MAVEN:GHSA-PFV2-37F7-9M6W Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT high 2022-05-13T01:30:32
(2 years ago)