Vulnerability CVE-2017-12973

Vulnerability CVE-2017-12973

Published: 2017-08-20

Description:

Type:

(Improper Validation of Integrity Check Value)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Connect2id -> Nimbus jose+jwt

https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/6a29f10f723f406eb25555f55842c59a43a38912

https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/223/aescbc-return-immediately-on-invalid-hmac

https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt