fast-jwt CVE-2020-35040: Stateful Regex Non-deterministic Validation Bypass

github.com 2026-04-10翻訳準備中…中国語で表示中中国語 →English →

Security AdvisoryCVE-2020-35040Highfast-jwt

Affected:

fast-jwt

参照 CVE: CVE-2026-35040 · 5.3

文章内图片已隐藏以节省流量 · 升级 Pro 后可见图片及离线存档

本文由本平台从 github.com 自动抓取，经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。

このソースからの他の記事

NVIDIA Inference API Server Unauthenticated RCE via pickle.loads() Deserialization (CWE-502) 2026-06-18 Envoy CVE-2025-4774: HTTP/2 Cookie Bypass & HPACK Amplification DoS via Memory Exhaustion 2026-06-18 undici HTTP Response Queue Poisoning via Keep-Alive Socket Reuse (CVE-2024-6733) 2026-06-18 undici SocksProxyAgent Cross-Origin Request Routing Vulnerability 2026-06-18 CVE-2025-9679: undici HTTP Response Header Injection via Set-Cookie 2026-06-18

离线存档

离线截图 & PDF 为 Pro 专属