JsonWebToken open source library has a significant security flaw


The popular open source (opens in new tab) project JsonWebToken was carrying a high-severity vulnerability that allowed threat actors to execute malicious code on affected endpoints, remotely.

A report from Palo Alto Networks’ cybersecurity arm, Unit 42 outlined how the flaw would allow the server to verify a maliciously crafted JSON web token (JWT) request, thus granting the attackers remote code execution (RCE) abilities. 



Read original article here

Denial of responsibility! TechnoCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment