CVE-2023-51774

NameCVE-2023-51774
DescriptionThe json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ruby-json-jwt (PTS)buster1.9.4-1vulnerable
bullseye1.11.0-1vulnerable
trixie, sid, bookworm1.14.0-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ruby-json-jwtsource(unstable)(unfixed)

Notes

[bookworm] - ruby-json-jwt <postponed> (Revisit when addressed upstream)
[bullseye] - ruby-json-jwt <postponed> (Revisit when addressed upstream)
[buster] - ruby-json-jwt <postponed> (Revisit when addressed upstream)
https://github.com/P3ngu1nW/CVE_Request/blob/main/novjson-jwt.md
https://github.com/nov/json-jwt/issues/113

Search for package or bug name: Reporting problems