Team IT Security (TSEC) Nachrichtenportal Logo

🕵️ Crypt::JWT up to 0.022 on Perl Access Control JWT.pm hmac weak authentication


Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com

A vulnerability was found in Crypt::JWT up to 0.022 on Perl and classified as critical. This issue affects the function hmac of the file JWT.pm of the component Access Control. Upgrading to version 0.023 eliminates this vulnerability. Applying the patch b98a59b42ded9f9e51b2560410106207c2152d6c is able to eliminate this problem. The best possible mitigation is suggested to be upgrading to the latest version. ...

Sharing is caring on Social Media

Reddit
Telegram
LinkedIn
Xing
Twitter
Whatsapp
Facebook
Flipboard

🕵️ Crypt::JWT up to 0.022 on Perl Access Control JWT.pm hmac weak authentication


📈 119.54 Punkte
🕵️ Sicherheitslücken

🕵️ perl-CRYPT-JWT up to 0.022 Access Control JWT.pm _decode_jws() weak authentication


📈 98.37 Punkte
🕵️ Sicherheitslücken

🕵️ Medium CVE-2020-17478: P5-crypt-perl project P5-crypt-perl


📈 62.32 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-48566 | Python up to 3.9.1 Lib/hmac.py hmac.compare_digest accumulator comparison (Nessus ID 213499)


📈 42.34 Punkte
🕵️ Sicherheitslücken

🕵️ Linux Kernel up to 4.14.7 HMAC crypto/hmac.c System Calls memory corruption


📈 42.34 Punkte
🕵️ Sicherheitslücken

🕵️ Linux Kernel bis 4.14.7 HMAC crypto/hmac.c System Calls Pufferüberlauf


📈 42.34 Punkte
🕵️ Sicherheitslücken

⚠️ #0daytoday #ever gauzy v0.281.9 - JWT weak HMAC secret Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]


📈 39.67 Punkte
⚠️ PoC

⚠️ [webapps] ever gauzy v0.281.9 - JWT weak HMAC secret


📈 39.67 Punkte
⚠️ PoC

🕵️ Nimbus JOSE+JWT up to 4.38 HMAC Padding weak encryption


📈 39.67 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2025-1805 | HACHI Crypt::Salt 0.01 on Perl rand weak prng


📈 38.55 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2025-1828 | Crypt::Random up to 1.55 on Perl Entropy Gathering Daemon Service rand weak prng


📈 38.55 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2018-25107 | Crypt::Random::Source up to 0.12 on Perl rand weak prng


📈 38.55 Punkte
🕵️ Sicherheitslücken

🐧 If your system is installed on dm-crypt and becomes unresponsive when writing/reading a lot of data (like installing Steam games) try disabling dm-crypt workqueues.


📈 38.2 Punkte
🐧 Linux Tipps

🕵️ GNU Mailman 2.0.5 Authentication crypt Empty Password weak authentication


📈 37.21 Punkte
🕵️ Sicherheitslücken

🔧 Perl Weekly #696 - Perl 5 is Perl


📈 36.17 Punkte
🔧 Programmierung

🕵️ jwt-simple up to 0.3.0 on Node.js jwt.decode weak authentication


📈 34.96 Punkte
🕵️ Sicherheitslücken

🕵️ Qualcomm Snapdragon Auto up to SDX20 HMAC Side-Channel weak authentication


📈 33.92 Punkte
🕵️ Sicherheitslücken

🕵️ go-jose up to 1.0.4 CBC-HMAC Integer Overflow weak authentication


📈 33.92 Punkte
🕵️ Sicherheitslücken

📰 JWT-Hack - Tool To En/Decoding JWT, Generate Payload For JWT Attack And Very Fast Cracking(Dict/Brutefoce)


📈 33.31 Punkte
📰 IT Security Nachrichten

🕵️ CVE-2015-10004 | robbert229 JWT HMAC Comparison timing discrepancy (Issue 12)


📈 32.27 Punkte
🕵️ Sicherheitslücken

🕵️ Nimbus JOSE+JWT bis 4.38 HMAC Padding schwache Verschlüsselung


📈 32.27 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-53295 | Dell PowerProtect DD up to 7.10.1.40/7.13.1.10/8.1.0.10 insufficient granularity of access control (dsa-2025-022)


📈 32.26 Punkte
🕵️ Sicherheitslücken

🕵️ Berkeley Boinc Client 6.4.5 lib/crypt.cpp RSA_public_decrypt weak authentication


📈 31.85 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2002-20002 | Perl always uses Perl Net::EasyTCP Package up to 0.14 rand weak prng (ID 184)


📈 31.51 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-56830 | Perl always uses Perl Net::EasyTCP Package up to 0.26 rand weak prng (ID 184)


📈 31.51 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-2467 | Crypt-OpenSSL-RSA 1.5 on Perl PKCS#1 Padding Marvin Attack timing discrepancy (Bug 42)


📈 31.16 Punkte
🕵️ Sicherheitslücken

🕵️ Perl up to 2.16 Rijandel CBC Encryption Crypt::CBC Schwache Verschlüsselung


📈 31.16 Punkte
🕵️ Sicherheitslücken

🕵️ Chilkat Software Chilkat Crypt Activex Control 2.1 ActiveX Control ChilkatCrypt2.dll unknown vulnerability


📈 28.84 Punkte
🕵️ Sicherheitslücken

🕵️ GnuTLS HMAC-SHA-256 Crafted Packet Lucky Thirteen weak encryption


📈 28.56 Punkte
🕵️ Sicherheitslücken

🕵️ GnuTLS HMAC-SHA-384 Crafted Packet Lucky Thirteen weak encryption


📈 28.56 Punkte
🕵️ Sicherheitslücken

🕵️ Bouncy Castle BKS-V1 1.47 HMAC weak encryption


📈 28.56 Punkte
🕵️ Sicherheitslücken

🕵️ tpm2-tools up to 1.1.0 HMAC Password weak encryption


📈 28.56 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-3913 | Phoenix Contact CHARX SEC-3150 1139012 up to 1.6.x System Startup file access (VDE-2024-022)


📈 27.39 Punkte
🕵️ Sicherheitslücken

🔧 The Right Way to Do HMAC Authentication in ExpressJS


📈 26.52 Punkte
🔧 Programmierung

🕵️ sysPass up to 2.0 inc/SP/Core/Crypt.class MCRYPT_RIJNDAEL_256 weak encryption


📈 26.5 Punkte
🕵️ Sicherheitslücken