CNNVD-202507-3951 Information

Jul 31, 2025 cve

CNNVD ID

CNNVD-202507-3951

CVE-2025-45770

  • CNNVD Published: 2025-07-31

Description (Chinese)

jwt是JSON Web Token开源的一个Ruby库。 Jwt v5.4.3版本存在安全漏洞,该漏洞源于弱加密。

Description (English)

Jwt is a Ruby library of the open source JSON Web Token. Version Jwt v5.4.3 contains a security loophole that originates from weak encryption.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

JSON Web Token

Published

2025-07-31

Last Modified

2026-02-24

References

https://github.com/lcobucci/jwt https://gist.github.com/ZupeiNie/cd88c827eef11a1618f8baacccd240fb https://access.redhat.com/security/cve/cve-2025-45770

Patch

https://github.com/lcobucci/jwt/releases

Share on: