CVE-2017-12974

{"id": "CVE-2017-12974", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-08-20T16:29:00.313", "references": [{"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f3a7a801f0c6b078899fed9226368eb7b44e2b2f", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/217/explicit-check-for-ec-public-key-on-curve", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt", "tags": ["Release Notes", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E", "source": "cve@mitre.org"}, {"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f3a7a801f0c6b078899fed9226368eb7b44e2b2f", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/217/explicit-check-for-ec-public-key-on-curve", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt", "tags": ["Release Notes", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-347"}]}], "descriptions": [{"lang": "en", "value": "Nimbus JOSE+JWT before 4.36 proceeds with ECKey construction without ensuring that the public x and y coordinates are on the specified curve, which allows attackers to conduct an Invalid Curve Attack in environments where the JCE provider lacks the applicable curve validation."}, {"lang": "es", "value": "Nimbus JOSE+JWT en versiones anteriores a la 4.36 procede con la construcci\u00f3n ECKey sin asegurarse de que las coordenadas p\u00fablicas x e y est\u00e1n en la curva especificada. Esto permite que los atacantes lleven a cabo un ataque de curva no v\u00e1lida en entornos en los que el proveedor JCE no cuenta con la validaci\u00f3n de curva aplicable."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3D2BDED-6749-4862-9D2D-54D871BDC8F9"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C7AD668-E307-4B4A-9BE8-E837DE4F717C"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAF9F006-8B1B-4448-8778-423A6A1F3DC8"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9523DEE0-8CCF-49C4-B0DA-C9EF243D4B09"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7206DFE0-70A4-4E06-BE7F-D8FA8C62A094"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A91050A7-FAE4-4080-B53C-F77420CBF9FB"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7E63FFD-9C37-4AFD-843E-2ED4235EE399"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DE00EFF-9045-4D30-AFA5-BFF0EDEF91B5"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AFC1A72-B7A1-42D3-BA3E-C009F041692D"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7891E427-B4D0-4E4A-9F5B-4A9122B72ED4"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3A76765-2D77-4C79-9E0E-B6A613835F51"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEC445F4-0859-4287-A22F-361CB2F3D037"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84BA3A10-0631-41B3-930E-D56A0AE6A273"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43E3F6F8-7EDD-4D5B-8805-41DDE054BEA9"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCE3E9B7-C835-461E-ADD7-D45FBB5A71F8"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A5B2D3A-EEF6-4147-A779-44E02AB395C0"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71010D0A-F4E0-4935-8809-F8E995BFA86C"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41465ADD-A6B9-4F80-80EF-B636997EA707"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9F8CA64-C93D-43E4-8EB4-3D4797008DF9"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36364548-4CE5-467A-BA83-5E742AB2593C"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46518146-4629-4ACD-B313-339BCB30F1A7"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C1C5455-5B5E-4BDE-8AA3-9F64A85912EA"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45973290-BB00-4376-A965-1A49CAC438E1"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE1BAB53-F7B9-4D29-88AA-C661E7899CBA"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0193A1C-E481-401C-B6EB-AC519FD26B67"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB7B82D5-29EE-422D-B1E4-B3F6397307F0"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2848658B-357A-4DAF-9B03-ACFBC3FAF0EF"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BB464C1-DA4B-44ED-A412-810B9AA189E1"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "431AD7BC-0959-4FEB-955A-9D194224DFB3"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4063DCC0-C019-49B2-8FBC-3C6E002D271B"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A58E19F-C057-45FD-AB6D-8E0B3C3435F0"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2634E6C8-BC82-4108-B56D-A54215D5CBEF"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "848C9121-0AD9-48CC-AFEF-A31F31486F3B"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "396692A2-8D0D-41FB-AC89-860113B5095E"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02F670A4-E4E8-4FE9-8BDB-5FB9B87EA476"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.15.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB27BDBF-0174-49F3-9E0B-763C3295ED5A"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43B070AE-3C83-45BA-BA17-23CF14C01BA8"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62E42F44-32C1-42C4-95AE-6B39CBE8215E"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.17.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03B6591B-133D-4D26-975E-CB7BACAAAB53"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.17.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B43E0F8B-851B-47DE-9756-93B7F289C853"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "899B28A8-9399-4D4A-A148-3D6A370235E4"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.18.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CB4503D-6395-419E-A114-B919C80C676C"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.18.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38364B69-9544-4DFE-8005-257966E0A118"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2877D83-1126-40CF-B537-6A59E79B4432"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.19.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A94B0B2A-D953-448E-895E-7B64EC527A48"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BF5F7D4-413D-4BB3-8E91-DA63B4A4EB49"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A5200FE-DB3C-4AA7-9A2C-E897B57B94C5"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48EA3A68-BB92-40C8-A499-3A355CC0C2BD"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.22.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8918A7A3-0CBA-4CA2-9F6D-EA077747E004"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C686C25-7B32-4100-8A45-A74F71DBAE58"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09D27567-5D24-4213-B02E-49F17F738D5A"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D22B26BE-378A-4A19-BF62-C88236D798D5"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3184E5FE-9689-4036-84A5-96E368EFA4CE"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:2.26.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "419FFF5B-29E7-44E1-9B24-6FB7C2FC2E3A"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "080D89F9-2CC0-44C7-A23D-268658708AA7"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F362B31F-A7A0-4BEF-A51D-51A7E465486D"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E57CA1D-10EE-4C07-A67A-52B9AAA95335"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F422D307-57B2-4FA5-814C-441E5C229159"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96DA3D0D-7782-42DA-AAA2-DE44B2B67360"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5894378-A2F7-4BE0-8C31-D9B8CE98A7F9"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "978B4A23-8F2F-494C-957B-BCFD72FAD731"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0985B2D-A96C-484A-B693-54C746024386"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A722D35B-1B21-42BC-A408-7437C9CEC5FD"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CB5F53D-F786-45C5-A3E6-D20501F6AE41"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F095DBDD-265E-4603-868E-8C4E3DCD5532"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38CD047F-EFC2-47CE-A405-B107EEDCC46C"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "963A6125-A5D7-4113-83D6-2C3C88F241B6"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41D46507-7624-446D-B75C-F1D2F9716EEF"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D76BC618-1F55-4FCB-A97C-616AC36F3C58"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6912C07-AF3F-44F4-964C-419C5AC1C8B5"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCF903D4-539F-4AA6-A30E-52022F06B8B0"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAE6CF55-5C3F-4FB1-BC85-68CF5B8C42F0"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1B7AA70-C87D-4900-8DD6-A522A47EDDF4"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7927D451-07DB-4414-99DB-80DD9598F2EA"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "874C9354-4C0B-4F05-8B04-196ECFF983B6"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F309097C-98E3-467E-A1ED-92C25620F54A"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72AA6D9F-DD84-42A8-88E5-FDF049722825"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12957562-6B96-4482-A4DB-A08B396F3B65"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "231EE0FC-E5A8-4BB5-A913-36F2C0C0E3C5"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "750AAE75-42C4-4C0D-8F12-64DEB7A3C0E2"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C1B0E66-5556-4F95-9B65-EF7235A5F249"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99DE57AC-021B-432D-AC88-5233E79CA3E3"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D71EC2F3-E793-48A4-956A-B9E097ED4FF7"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E92D26-7241-453C-A72B-134EAFE123C1"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "427A87D9-5DFC-46BF-8CD2-E5EAF5B0E0D9"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FB0A69F-E99A-4E9F-9533-3B0498CE0F62"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBD474EC-34E4-480E-A6D6-E38AA45A024E"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D5DC51A-99A4-4F80-A969-08CD423576EA"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A46F965D-BF09-4834-80B1-3BD43B5319AE"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.11.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD3F3776-7963-4FF2-8E14-8530F8DF5B6E"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEBB3337-A2BB-4795-8500-4A7DA2513B3E"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "284AD842-9C1D-4B59-A265-55F86F4B6F36"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CF725FA-FC45-45F4-8109-796CC0D56D0E"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "085AA1DF-FB71-4663-BF34-E91180FC3822"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68601D0B-E05A-478F-AB8B-61432036DC43"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB3F14BD-7BE0-42EE-A895-804DCAD108C8"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "561929A8-4D82-429E-908F-DECA493F3237"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.16.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAD6C3B2-DFD4-4E4A-AB7E-C4CCA81431BC"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.16.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED7261E1-4125-45C7-980D-256950A7B886"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F27DFF6F-E3BD-4F1B-8E4A-3DB33F98EE94"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86416AA0-CCD5-4780-8A41-724C7AAC9A79"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "247027A4-E5EA-4584-9A3E-8F62987123D5"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69E0DB99-22D1-4AE4-BD9F-78F55D19D400"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CB4D8B7-F73E-4B38-86A3-0656E6A2191F"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07686354-6652-4FFE-9BBC-905F8AD5632F"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B77C8B71-BC12-4645-AB1C-893F28F07414"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C72D36D-2E37-446C-AE45-1433F2BF6449"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "149B96B8-1DEB-4620-8C2D-D03A593D5ACB"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62A3D07E-40B7-4730-A666-640FE212A964"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.26.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77A42AAD-E7BA-434C-816E-9C606AE66CE4"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5095CB6A-7159-498D-9E0A-36245B7D7EB2"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.27.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BFDA0B1-1B68-49CE-9AF2-FD8F62441317"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17270178-8541-412C-AE9D-7ADE694DB39C"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE6ECBB9-F71E-4E04-8C1E-349650DE2F49"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6AFDEAF-CD55-495A-9B12-F131FE454FD2"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A39BB9C-2183-45DA-8236-D31125B447BF"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.31.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D62612F6-5774-4EAA-ACC1-A837256163FF"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FDB6684-DF68-4334-ADB4-484731DAEE61"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "842555FA-61DC-40C1-AE26-319E10D63D52"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D15C6517-0B9B-4C36-BD34-80D7803FACCC"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.34.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D632C03-C8BE-4C2F-AB6C-D3ED55869D8A"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.34.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C0A77CA-FF6D-44DB-9476-1DF4F473C3D4"}, {"criteria": "cpe:2.3:a:connect2id:nimbus_jose\\+jwt:4.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3BAF720-023A-4563-AD85-6CB70772A02F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}