Filtered by vendor Networknt
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-31580 | 1 Networknt | 1 Light-oauth2 | 2024-11-21 | N/A | 5.9 MEDIUM |
light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token. |