216.73.217.64

CVE-2025-45765

· Published 07/08/2025 21:15 · Modified 07/08/2025 21:26

Labels: CVE-2025-45765 2025-08-07CVE-2025-45765[email protected]

Essential information

Published
07/08/2025 21:15
Modified
07/08/2025 21:26
Author
Creator
CISA KEV
No
CWE

Description

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
ruby / jwt cpe:2.3:a:ruby:jwt:3.0.0.beta1:*:*:*:*:*:*:*

References