Unrated severityNVD Advisory· Published Jul 29, 2019· Updated Aug 5, 2024
CVE-2019-1020015
CVE-2019-1020015
Description
graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying JWT.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < 1.0.0-beta.3
- graphql-engine/graphql-enginev5Range: < 1.0.0-beta.3
Patches
Vulnerability mechanics
References
1- github.com/hasura/graphql-engine/commit/f2f14e727b051e3003ba44b9b63eab8186b291acmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.