Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-45765
Awaiting Analysis
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-07 Aug, 2025 | 21:15
Updated At-12 Aug, 2025 | 15:15

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-326Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-326
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gist.github.com/ZupeiNie/c621253068ce5b64911629534879e8f9cve@mitre.org
N/A
https://github.com/jwt/ruby-jwt/issues/668cve@mitre.org
N/A
Hyperlink: https://gist.github.com/ZupeiNie/c621253068ce5b64911629534879e8f9
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/jwt/ruby-jwt/issues/668
Source: cve@mitre.org
Resource: N/A
Change History
0Changes found
Details not found