VDB
CVE-2021-46743
CVE-2021-46743
PUBLISHED
CVSS 9.100000381469727 CRITICAL
Firebase PHP-JWT key/algorithm type confusion
EPSS 0.64% · 71.0th percentile
Risk Scores
CVSS 3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.64%
71.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| firebase_php-jwt | 0 | |
| firebase | php-jwt | 0 |
| n/a | n/a | n/a |
Timeline
- Mar 29, 2022 CVE Published
- Mar 29, 2022 EPSS Score
- Apr 8, 2022 CVE Updated
- Jul 9, 2022 EPSS Score
- Aug 29, 2022 EPSS Score
- Dec 9, 2022 EPSS Score
- Jan 29, 2023 EPSS Score
- Mar 20, 2023 EPSS Score
- Jun 30, 2023 EPSS Score
- Aug 20, 2023 EPSS Score
- Nov 29, 2023 EPSS Score
- Jan 19, 2024 EPSS Score
References
- https://github.com/firebase/php-jwt/issues/351 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-46743 advisory
- https://github.com/FriendsOfPHP/security-advisories/blob/master/firebase/php-jwt/CVE-2021-46743.yaml url
- https://github.com/firebase/php-jwt package
- https://github.com/firebase/php-jwt/releases/tag/v6.0.0 url