| ID | CVE-2017-12973 | ||||||
| Sažetak | Nimbus JOSE+JWT before 4.39 proceeds improperly after detection of an invalid HMAC in authenticated AES-CBC decryption, which allows attackers to conduct a padding oracle attack. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:M/Au:N/C:P/I:N/A:N | ||||||
| Zadnje važnije ažuriranje | 03-10-2019 - 00:03 | ||||||
| Objavljeno | 20-08-2017 - 16:29 |
