Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco node-jose vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-0114
A vulnerability in the Cisco node-jose open source library prior to 0.11.0 could allow an unauthenticated, remote malicious user to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard ...
Cisco Node-jose
1 EDB exploit
14 Github repositories
7.5
CVSSv3
CVE-2023-25653
node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for web browsers and node.js-based servers. Prior to version 2.2.0, when using the non-default "fallback" crypto back-end, ECC operations in `node-jose` can trigger a Denial-of-Ser...
Cisco Node-jose
5.9
CVSSv3
CVE-2017-16007
node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an invalid curve attack. This allows an malicious user to recover the private secret...
Cisco Node-jose
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started