Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.3
CVE-2025-45769
- EPSS 0.01%
- Published 31.07.2025 00:00:00
- Last modified 17.08.2025 04:15:39
php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14...
9.1
CVE-2021-46743
- EPSS 1.07%
- Published 29.03.2022 07:15:07
- Last modified 21.11.2024 06:34:37
In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue (e.g., RS256 / HS256) exists via the kid (aka Key ID) header, when multiple types of keys are loaded in a key ring. This allows an attacker to forge tokens that validate under the incorre...
1