cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value A256GCM.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-04-24T00:00:00
Updated: 2024-08-02T02:36:03.489Z
Reserved: 2024-04-24T00:00:00
Link: CVE-2024-33531
Vulnrichment
Updated: 2024-08-02T02:36:03.489Z
NVD
Status : Awaiting Analysis
Published: 2024-04-24T06:15:14.210
Modified: 2024-11-21T09:17:05.840
Link: CVE-2024-33531
Redhat
No data.