Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
connect2id nimbus jose\\+jwt |
||
apache hadoop 3.2.1 |
||
oracle solaris cluster 4.0 |
||
oracle weblogic server 12.2.1.3.0 |
||
oracle weblogic server 12.2.1.4.0 |
||
oracle peoplesoft enterprise peopletools 8.58 |
||
oracle enterprise manager base platform 13.4.0.0 |
||
oracle primavera gateway 19.12.0 |
||
oracle data integrator 12.2.1.4.0 |
||
oracle peoplesoft enterprise peopletools 8.59 |
||
oracle primavera gateway |
||
oracle communications pricing design center 12.0.0.3.0 |
||
oracle jd edwards enterpriseone tools |
||
oracle policy automation |
||
oracle communications cloud native core security edge protection proxy 1.7.0 |
||
oracle insurance policy administration |
||
oracle healthcare data repository 8.1.0 |
||
oracle jd edwards enterpriseone orchestrator |