Vulnerabilities

CVE-2024-33531

by Fred · 24/04/2024

cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value A256GCM.

More information : https://github.com/cdbattags/lua-resty-jwt/commit/d1558e2afefe868fea1e7e9a4b04ea94ab678a85

Similar

Tags: Cybersecurity Alert