VulnerableCode Package Details - pkg:deb/ubuntu/juju-core@2.3.7-0ubuntu0.16.04.1

Search for packages

Package details: pkg:deb/ubuntu/juju-core@2.3.7-0ubuntu0.16.04.1

Essentials
History (0)

purl	pkg:deb/ubuntu/juju-core@2.3.7-0ubuntu0.16.04.1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-gt63-t28m-aaak	jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.	CVE-2020-26160 GHSA-w73w-5m7g-f7qc

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version