PT-2021-24484 · Go · Github.Com/Ory/Fosite

Published

2021-04-14

·

Updated

2021-04-14

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned.
Description: The uniqueness of JWT IDs (jti) is not checked, allowing the JWT to be replayed.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

GO-2021-0092

Affected Products

Github.Com/Ory/Fosite