CVE-2016-5431 - CERT CVE
ID CVE-2016-5431
Sažetak The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens.
Reference
CVSS
Base: 5.0
Impact: 2.9
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:L/Au:N/C:N/I:P/A:N
Zadnje važnije ažuriranje 03-03-2023 - 15:53
Objavljeno 07-08-2019 - 15:15