VulnerableCode Package Details - pkg:deb/ubuntu/juju-core@2.2.4-0ubuntu0.16.04.1

Search for packages

Package details: pkg:deb/ubuntu/juju-core@2.2.4-0ubuntu0.16.04.1

Essentials
History (0)

purl	pkg:deb/ubuntu/juju-core@2.2.4-0ubuntu0.16.04.1

Next non-vulnerable version	2.3.7-0ubuntu0.16.04.1
Latest non-vulnerable version	2.3.7-0ubuntu0.16.04.1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-gt63-t28m-aaak Aliases: CVE-2020-26160 GHSA-w73w-5m7g-f7qc	jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.	2.3.7-0ubuntu0.16.04.1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version