Skip to content

json-jwt allows bypass of identity checks via a sign/encryption confusion attack

Moderate severity GitHub Reviewed Published Feb 29, 2024 to the GitHub Advisory Database • Updated Mar 6, 2024

Package

bundler json-jwt (RubyGems)

Affected versions

>= 1.16.0, < 1.16.6
< 1.15.3.1

Patched versions

1.16.6
1.15.3.1

Description

The json-jwt (aka JSON::JWT) gem 1.16.x before 1.16.6, 1.15.x before 1.15.3.1 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode.

References

Published by the National Vulnerability Database Feb 29, 2024
Published to the GitHub Advisory Database Feb 29, 2024
Reviewed Mar 1, 2024
Last updated Mar 6, 2024

Severity

Moderate

EPSS score

0.043%
(10th percentile)

Weaknesses

No CWEs

CVE ID

CVE-2023-51774

GHSA ID

GHSA-c8v6-786g-vjx6

Source code

Credits

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.