Remote code execution bug discovered in the popular JsonWebToken library | allinfosecnews.com

Jan. 10, 2023, 10:11 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

The open-source jsonwebtoken (JWT) library is affected by a high-severity security flaw that could lead to remote code execution. The open-source JsonWebToken (JWT) library is affected by a high-severity security flaw, tracked as CVE-2022-23529 (CVSS score: 7.6), that could lead to remote code execution. The package is maintained by Auth0, it had over 9 million weekly downloads […]

The post Remote code execution bug discovered in the popular JsonWebToken library appeared first on Security Affairs.

auth0 breaking news bug code code execution cve cve-2022-23529 cvss downloads flaw hacking hacking news high information security news it information security jsonwebtoken jwt library package pierluigi paganini popular rce remote code remote code execution score security severity weekly

More from securityaffairs.co / Security Affairs

Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks 5 hours ago | securityaffairs.co

actor adaptive security apt arcanedoor +32

Hackers hijacked the eScan Antivirus update mechanism in malware campaign 11 hours ago | securityaffairs.co

antivirus avast backdoors breaking news +27

US offers a $10 million reward for information on four Iranian nationals 18 hours ago | securityaffairs.co

10 million assets breaking news contractors +26

The street lights in Leicester City cannot be turned off due to a cyber attack 19 hours ago | securityaffairs.co

attack authority breaking news city +14

North Korea-linked APT groups target South Korean defense contractors 1 day, 6 hours ago | securityaffairs.co

agency andariel apt apt groups +29

U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity 1 day, 17 hours ago | securityaffairs.co

business commercial commercial spyware department +19

A cyber attack paralyzed operations at Synlab Italia 1 day, 18 hours ago | securityaffairs.co

april attack breaking news cyber +15

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw 2 days, 4 hours ago | securityaffairs.co

apt apt28 blizzard breaking news +24

Hackers threaten to leak a copy of the World-Check database used to assess potential risks … 2 days, 12 hours ago | securityaffairs.co

breaking news check claims copy +27

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

EY GDS Internship Program - SAP, Cyber, IT Consultant or Finance Talents with German language

@ EY | Wrocław, DS, PL, 50-086

View on infosec-jobs.com

Security Architect - 100% Remote (REF1604S)

@ Citizant | Chantilly, VA, United States

View on infosec-jobs.com

Network Security Engineer - Firewall admin (f/m/d)

@ Deutsche Börse | Prague, CZ

View on infosec-jobs.com

Junior Cyber Solutions Consultant

@ Dionach | Glasgow, Scotland, United Kingdom

View on infosec-jobs.com

Senior Software Engineer (Cryptography), Bitkey

@ Block | New York City, United States

View on infosec-jobs.com