Packagist (Composer) package
gree/jose
pkg:composer/gree/jose
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5431 | — | < 2.2.1 | 2.2.1 | Aug 7, 2019 | The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens. |
- CVE-2016-5431Aug 7, 2019affected < 2.2.1fixed 2.2.1
The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens.