Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2020-10244 Vulnerability in maven package dev.paseto:jpaseto-sodium

Description

JPaseto before 0.3.0 generates weak hashes when using v2.local tokens.

Remediation

References

https://github.com/paseto-toolkit/jpaseto/releases/tag/jpaseto-0.3.0

Related Vulnerabilities

CVE-2015-8861 Vulnerability in maven package org.webjars:handlebars

CVE-2018-11764 Vulnerability in maven package org.apache.hadoop:hadoop-core

CVE-2020-36604 Vulnerability in npm package @hapi/hoek

CVE-2016-6817 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

CVE-2022-0198 Vulnerability in maven package edu.stanford.nlp:stanford-corenlp

Severity

High

Classification

CWE-326 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Third Party Advisory