Vulnerability Report: GO-2021-0110
- CVE-2020-15222, GHSA-v3q9-2p3m-7g43
- Affects: github.com/ory/fosite
- Published: Jul 28, 2021
- Modified: May 20, 2024
Uniqueness of JWT IDs (jti) are not checked, allowing the JWT to be replayed.
Affected Packages
-
PathGo VersionsSymbols
-
before v0.31.0
Aliases
References
- https://github.com/ory/fosite/commit/0c9e0f6d654913ad57c507dd9a36631e1858a3e9
- https://vuln.go.dev/ID/GO-2021-0110.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.