JSON Web Token - CVE CyberSecurity Database News (Page 3)

Jun 12, 2024 JSON Web Token HashiCorp Vault Enterprise

CVE-2024-5798 - How a JWT Audience Validation Bug in HashiCorp Vault Could Let Attackers In

Vault and Vault Enterprise are powerful tools for managing secrets and protecting sensitive data. Many organizations trust them for critical workloads. But in June 2024,

Jun 11, 2024 Microsoft API Exploit JSON Web Token Azure Identity Library for .NET

CVE-2024-35255 - Exploiting Elevation of Privilege in Azure Identity & Microsoft Authentication Library (MSAL)

Date: June 2024 Severity: High Affected Components: Azure Identity Libraries, Microsoft Authentication Library (MSAL) CVSS Score: 7.2 (High) What is CVE-2024-35255? On June 11,

Feb 11, 2024 API JSON Web Token Java

CVE-2023-52428 - Crashing Apps With a Single JWT – A Deep Dive into Nimbus JOSE+JWT DoS Exploit

Connect2id Nimbus JOSE+JWT is a popular Java library for handling JSON Web Tokens (JWT) and encryption (JOSE). In January 2024, a significant vulnerability was

CVE-2023-20238 - Breaking Down the Cisco BroadWorks SSO Token Flaw

Sep 6, 2023 Exploit Cisco JSON Web Token Cisco BroadWorks

CVE-2023-20238 - Breaking Down the Cisco BroadWorks SSO Token Flaw

--- Cisco’s BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform are widely used in the telecommunications industry. In 2023, a significant vulnerability was

Aug 17, 2023 API JSON Web Token Netflix dispatch

CVE-2023-40171 - How a JWT Secret Leak in Dispatch Could Lead to Full Account Takeover

--- Overview In mid-2023, a critical security vulnerability was discovered in Dispatch, an open-source incident management solution. Tracked as CVE-2023-40171, this flaw could allow attackers