Improper Check for Unusual or Exceptional Conditions Affecting com.nimbusds:nimbus-jose-jwt Open this link in a new tab package, versions [,7.8.1)
Proof of concept
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
26 Nov 2019
15 Oct 2019
How to fix?
com.nimbusds:nimbus-jose-jwt to version 7.8.1 or higher.
com.nimbusds:nimbus-jose-jwt is a library for JSON Web Tokens (JWT)
Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions. Can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.