Crypt-JWT-0.010

Security Advisories (1)

CVE-2019-1010161 (2019-03-20)

perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypass authentication). The fixed version is: 0.023.

https://github.com/DCIT/perl-Crypt-JWT/issues/3#issuecomment-417947483

Changes for version 0.010 - 2015-07-07

INCOMPATIBLE CHANGE: 'key' param of decode_jwt and encode_jwt: PEM/DER/JWK-JSON key strings are not passed as scalars but as a reference to scalar (see examples in documentation)
decode_jwt: kid_keys now strictly checks kty (key type)

Modules

Crypt::JWT

JSON Web Token (JWT, JWS, JWE) as defined by RFC7519, RFC7515, RFC7516

Crypt::KeyWrap

Key management/wrapping algorithms defined in RFC7518 (JWA)

Other files

To install Crypt::JWT, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Crypt::JWT

CPAN shell

perl -MCPAN -e shell
install Crypt::JWT

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 0.010 - 2015-07-07

Modules

Other files

Module Install Instructions