CVE-2025-27370 | OpenID Connect up to 1.0 errata set 2 private_key_jwt authorization

Inserito da Angelo Barbosa | Mar 3, 2025 | CVE

A vulnerability was found in OpenID Connect up to 1.0 errata set 2. It has been declared as problematic. This vulnerability affects unknown code of the component private_key_jwt. The manipulation leads to incorrect authorization.

This vulnerability was named CVE-2025-27370. The attack can be initiated remotely. There is no exploit available.

CVE-2025-27370 | OpenID Connect up to 1.0 errata set 2 private_key_jwt authorization

Post correlati

CVE-2024-56827 | OpenJPEG up to 2.4.0 lib/openjp2/j2k.c opj_j2k_add_tlmarker heap-based overflow

CVE-2024-48229 | funadmin 5.0.2 Curd One Click Command Mode Plugin sql injection

CVE-2024-44285 | Apple tvOS Kernel Memory use after free

CVE-2024-26623 | Linux Kernel up to 6.6.15/6.7.3/6.8-rc2 pds_core queue_work null pointer dereference (22cd6046eb21/5939feb63ea1/7e82a8745b95)