CVE-2021-3127

HIGH

Nats Jwt Library < 2.0.1 - Improper Exception Handling

Title source: rule

Description

NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are mishandled.

References (1)

Scores

CVSS v3 7.5
EPSS 0.0029
EPSS Percentile 52.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-755
Status published

Affected Products (4)

nats/jwt_library < 2.0.1
nats/nats_server < 2.2.0
nats-io/jwt Go
nats-io/jwt < 2.0.1Go

Timeline

Published Mar 16, 2021
Tracked Since Feb 18, 2026