Vulnerabilities > Reason Jose Project

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2023-23928 Improper Verification of Cryptographic Signature vulnerability in Reason-Jose Project Reason-Jose
reason-jose is a JOSE implementation in ReasonML and OCaml.`Jose.Jws.validate` does not check HS256 signatures.
network
low complexity
reason-jose-project CWE-347
critical
 9.8
9.8