JSON Web Token - CVE CyberSecurity Database News (Page 3)

Jun 11, 2024 Microsoft API Exploit JSON Web Token azure identity library for .net

CVE-2024-35255 - Exploiting Elevation of Privilege in Azure Identity & Microsoft Authentication Library (MSAL)

Date: June 2024 Severity: High Affected Components: Azure Identity Libraries, Microsoft Authentication Library (MSAL) CVSS Score: 7.2 (High) What is CVE-2024-35255? On June 11,

Feb 11, 2024 API JSON Web Token Java

CVE-2023-52428 - Crashing Apps With a Single JWT – A Deep Dive into Nimbus JOSE+JWT DoS Exploit

Connect2id Nimbus JOSE+JWT is a popular Java library for handling JSON Web Tokens (JWT) and encryption (JOSE). In January 2024, a significant vulnerability was

CVE-2023-20238 - Breaking Down the Cisco BroadWorks SSO Token Flaw

Sep 6, 2023 Exploit Cisco JSON Web Token Cisco BroadWorks

CVE-2023-20238 - Breaking Down the Cisco BroadWorks SSO Token Flaw

--- Cisco’s BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform are widely used in the telecommunications industry. In 2023, a significant vulnerability was

Aug 17, 2023 API JSON Web Token Netflix dispatch

CVE-2023-40171 - How a JWT Secret Leak in Dispatch Could Lead to Full Account Takeover

--- Overview In mid-2023, a critical security vulnerability was discovered in Dispatch, an open-source incident management solution. Tracked as CVE-2023-40171, this flaw could allow attackers

Aug 9, 2023 Exploit JSON Web Token HashiCorp Consul Enterprise

CVE-2023-3518 - Critical JWT Auth Flaw in HashiCorp Consul 1.16. Service Mesh (Exclusive Deep Dive)

In June 2023, a serious security issue was discovered in HashiCorp's popular Consul and Consul Enterprise (version 1.16.), specifically tied to its