Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 24/09/2020 Updated: 18/11/2021

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked. When using client authentication method "private_key_jwt", OpenId specification says the following about assertion `jti`: "A unique identifier for the token, which can be used to prevent reuse of the token. These tokens MUST only be used once, unless conditions for reuse were negotiated between the parties". Hydra does not seem to check the uniqueness of this `jti` value. This problem is fixed in version 0.31.0.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ory fosite

CWE-345 https://github.com/ory/fosite/security/advisories/GHSA-v3q9-2p3m-7g43 https://github.com/ory/fosite/commit/0c9e0f6d654913ad57c507dd9a36631e1858a3e9 https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-15222

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect