CVE-2019-1010263

Published: Jul 17, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is: after commit b98a59b42ded9f9e51b2560410106207c2152d6c.

Vendor	Product	Versions
Perl Crypt::JWT	Perl Crypt::JWT	affected `prior to 0.023 [fixed: after commit b98a59b42ded9f9e51b2560410106207c2152d6c]`

References

https://www.openwall.com/lists/oss-security/2018/09/07/1

x_refsource_MISC

https://github.com/DCIT/perl-Crypt-JWT/commit/b98a59b42ded9f9e51b2560410106207c2152d6c

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-1010263

Description

Affected Products

References