CVE-2024-37568 | Authlib up to 1.3.0 Asymmetric Public Key jwt.decode Privilege Escalation (Issue 654)

Inserito da Angelo Barbosa | Giu 9, 2024 | CVE

A vulnerability was found in Authlib up to 1.3.0. It has been classified as problematic. This affects the function jwt.decode of the component Asymmetric Public Key Handler. The manipulation leads to Privilege Escalation.

This vulnerability is uniquely identified as CVE-2024-37568. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37568 | Authlib up to 1.3.0 Asymmetric Public Key jwt.decode Privilege Escalation (Issue 654)

Post correlati

CVE-2021-47358 | Linux Kernel up to 5.14.8 greybus use after free

CVE-2022-24809 | Net-SNMP up to 5.9.1 OID nsVacmAccessTable null pointer dereference

CVE-2024-55913 | IBM Concert Software up to 1.0.5 URL path traversal

CVE-2024-34779 | Ivanti EPM 2024/up to 2022 SU6 sql injection