Security Advisory

CVE-2016-5431

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-07 15:13:47

Last updated 2024-08-06 01:01:00

Assigner redhat

State PUBLISHED

Description

The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens.

← Browse all CVEs View on cve.org ↗