cjwt Security Update Advisory (CVE-2024-54150)

Dec 23 2024

Overview

An update has been released to address vulnerabilities in cjwt. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-54150

cjwt version: 2.2.0

Resolved Vulnerabilities

Signatures are incorrectly validated, allowing an attacker to forge tokens with improper signatures (CVE-2024-54150)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-54150

cjwt version: 2.3.0

Referenced Sites

[1] CVE-2024-54150 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-54150

[2] Algorithm Confusion Vulnerability

https://github.com/xmidt-org/cjwt/security/advisories/GHSA-9h24-7qp5-gp82

cjwt Security Update Advisory (CVE-2024-54150)

Google Chrome Browser (131.0.6778.204/.205) Security Update Advisory

Microsoft Edge browser (131.0.2903.112) Version Security Update Advisory

Tags:

Google Chrome Browser (131.0.6778.204/.205) Security Update Advisory

Microsoft Edge browser (131.0.2903.112) Version Security Update Advisory