CVE-2020-10244
HIGHjpaseto < 0.3.0 - Inadequate Encryption Strength in v2.local Token Hashing
Title source: llmDescription
JPaseto before 0.3.0 generates weak hashes when using v2.local tokens.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://github.com/paseto-toolkit/jpaseto/releases/tag/jpaseto-0.3.0
Scores
CVSS v3
7.5
EPSS
0.0071
EPSS Percentile
48.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-326
Status
published
Products (1)
jpaseto_project/jpaseto
< 0.3.0
Published
Mar 09, 2020
Tracked Since
Feb 18, 2026