VYPR

Ruby Jwe

by JWT

Source repositories

CVEs (1)

  • CVE-2025-54887CriAug 8, 2025
    risk 0.52cvss 9.1epss 0.00

    jwe is a Ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard. In versions 1.1.0 and below, authentication tags of encrypted JWEs can be brute forced, which may result in loss of confidentiality for those JWEs and provide ways to craft arbitrary JWEs. This puts…