Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-18848

Published: 12/11/2019 Updated: 03/05/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Json-jwt

Vulnerability Summary

The json-jwt gem prior to 1.11.0 for Ruby lacks an element count during the splitting of a JWE string.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

json-jwt project json-jwt

debian debian linux 9.0

Vendor Advisories

Debian CVElist Bug Report Logs: ruby-json-jwt: CVE-2019-18848
Debian Bug report logs - #944850 ruby-json-jwt: CVE-2019-18848 Package: src:ruby-json-jwt; Maintainer for src:ruby-json-jwt is Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 16 Nov 2019 10:42:02 UTC Severity: impor ...

References

CWE-287https://github.com/nov/json-jwt/commit/ada16e772906efdd035e3df49cb2ae372f0f948ahttps://github.com/nov/json-jwt/compare/v1.10.2...v1.11.0https://lists.debian.org/debian-lts-announce/2020/10/msg00001.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944850https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook