Auth0 Wcf Service Jwt
1 CVEs
product
Monthly
Auth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signature in an error message when it cannot successfully validate the JWT signature. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Auth0 Wcf Service Jwt
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2019-7644
NuGet
EPSS 2%
CVSS 9.8
CRITICAL
PATCH
Act Now
Auth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signature in an error message when it cannot successfully validate the JWT signature. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Auth0 Wcf Service Jwt
NVD