Auth0 Wcf Service Jwt
Approved changes feed: RSS · Atom
cpe:2.3:a:auth0:auth0-wcf-service-jwt:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Auth0 (bd827468-a826-51d4-9e05-912ec56b4756) |
|---|---|
| Product | Auth0 Wcf Service Jwt (0cb4ca67-3c18-5211-8c8e-95d91ce59ada) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-7644 |
vulnerable | 2026-06-03 14:40:41.995284 |
Details available
Auth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signature in an error message when it cannot successfully validate the JWT signature. If this error message is presented to an attacker, they can forge an arbitrary JWT token that will be accepted by the vulnerable application.
Published: 2019-04-11T19:44:18.000Z
Updated: 2024-08-04T20:54:28.292Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.