Vulnerabilities > Inversoft

DATE CVE VULNERABILITY TITLE RISK
2018-06-26 CVE-2018-1000531 Improper Input Validation vulnerability in Inversoft Prime-Jwt
inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token.
network
low complexity
inversoft CWE-20
5.0
2018-03-13 CVE-2018-1000125 Improper Input Validation vulnerability in Inversoft Prime-Jwt
inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature.
network
low complexity
inversoft CWE-20
7.5