{"vulnerability": "CVE-2020-2863", "sightings": [{"uuid": "4431b601-4627-4e85-b94d-b605271f2321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28637", "type": "seen", "source": "https://t.me/pt_soft/21", "content": "The JSON Web Token Toolkit v2\n\n\ud83d\udc0d A toolkit for testing, tweaking and cracking JSON Web Tokens\n\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0430 \u0432\u0430\u043b\u0438\u0434\u043d\u043e\u0441\u0442\u044c\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n(CVE-2015-2951) alg=none\n(CVE-2016-10555) RS/HS256 public key mismatch\n(CVE-2018-0114) Key injection\n(CVE-2019-20933/CVE-2020-28637) Blank password\n(CVE-2020-28042) Null signature\n\n#json #jwt #jwt_tool #json_web_token", "creation_timestamp": "2023-08-02T10:00:03.000000Z"}, {"uuid": "1540c188-065a-4134-bd29-f5eb5645759e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28637", "type": "seen", "source": "https://t.me/pt_soft/12", "content": "The JSON Web Token Toolkit v2\n\n\ud83d\udc0d A toolkit for testing, tweaking and cracking JSON Web Tokens\n\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0430 \u0432\u0430\u043b\u0438\u0434\u043d\u043e\u0441\u0442\u044c\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n(CVE-2015-2951) alg=none\n(CVE-2016-10555) RS/HS256 public key mismatch\n(CVE-2018-0114) Key injection\n(CVE-2019-20933/CVE-2020-28637) Blank password\n(CVE-2020-28042) Null signature\n\n#json #jwt #jwt_tool #json_web_token", "creation_timestamp": "2023-08-02T10:00:03.000000Z"}, {"uuid": "0c6724fc-5634-4538-94b0-c8d51d642f08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28633", "type": "seen", "source": "https://t.me/cibsecurity/41018", "content": "\u203c CVE-2020-28633 \u203c\n\nMultiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->prev().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T20:23:31.000000Z"}, {"uuid": "b36c3681-b6e2-4d41-8069-b09f1dc51d31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28634", "type": "seen", "source": "https://t.me/cibsecurity/41014", "content": "\u203c CVE-2020-28634 \u203c\n\nMultiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->next().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T20:29:56.000000Z"}, {"uuid": "fb2e0bb3-7b4c-4afc-b45c-81c34b0d0de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28635", "type": "seen", "source": "https://t.me/cibsecurity/41047", "content": "\u203c CVE-2020-28635 \u203c\n\nMultiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->facet().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T20:29:48.000000Z"}, {"uuid": "924fc74d-4e93-494e-9e01-b5d583561862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28638", "type": "seen", "source": "https://t.me/cibsecurity/16328", "content": "\u203c CVE-2020-28638 \u203c\n\nask_password in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with \"tomb {W] Detected DISPLAY, but only pinentry-curses is found.\" as the encryption key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-14T00:33:57.000000Z"}]}