CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-28042

ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.202

EPSS Ranking 95.3%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2020-28042

Servicestack » Servicestack » Version: 4.0.10

cpe:2.3:a:servicestack:servicestack:4.0.10
Servicestack » Servicestack » Version: 4.0.17

cpe:2.3:a:servicestack:servicestack:4.0.17
Servicestack » Servicestack » Version: 4.0.18

cpe:2.3:a:servicestack:servicestack:4.0.18
Servicestack » Servicestack » Version: 4.0.19

cpe:2.3:a:servicestack:servicestack:4.0.19
Servicestack » Servicestack » Version: 4.0.20

cpe:2.3:a:servicestack:servicestack:4.0.20
Servicestack » Servicestack » Version: 4.0.21

cpe:2.3:a:servicestack:servicestack:4.0.21
Servicestack » Servicestack » Version: 4.0.22

cpe:2.3:a:servicestack:servicestack:4.0.22
Servicestack » Servicestack » Version: 4.0.23

cpe:2.3:a:servicestack:servicestack:4.0.23
Servicestack » Servicestack » Version: 4.0.24

cpe:2.3:a:servicestack:servicestack:4.0.24
Servicestack » Servicestack » Version: 4.0.30

cpe:2.3:a:servicestack:servicestack:4.0.30
Servicestack » Servicestack » Version: 4.0.31

cpe:2.3:a:servicestack:servicestack:4.0.31
Servicestack » Servicestack » Version: 4.0.32

cpe:2.3:a:servicestack:servicestack:4.0.32
Servicestack » Servicestack » Version: 4.0.33

cpe:2.3:a:servicestack:servicestack:4.0.33
Servicestack » Servicestack » Version: 4.0.34

cpe:2.3:a:servicestack:servicestack:4.0.34
Servicestack » Servicestack » Version: 4.0.35

cpe:2.3:a:servicestack:servicestack:4.0.35
Servicestack » Servicestack » Version: 4.0.36

cpe:2.3:a:servicestack:servicestack:4.0.36
Servicestack » Servicestack » Version: 4.0.38

cpe:2.3:a:servicestack:servicestack:4.0.38
Servicestack » Servicestack » Version: 4.0.42

cpe:2.3:a:servicestack:servicestack:4.0.42
Servicestack » Servicestack » Version: 4.0.44

cpe:2.3:a:servicestack:servicestack:4.0.44
Servicestack » Servicestack » Version: 4.0.46

cpe:2.3:a:servicestack:servicestack:4.0.46
Servicestack » Servicestack » Version: 4.0.48

cpe:2.3:a:servicestack:servicestack:4.0.48
Servicestack » Servicestack » Version: 4.0.50

cpe:2.3:a:servicestack:servicestack:4.0.50
Servicestack » Servicestack » Version: 4.0.52

cpe:2.3:a:servicestack:servicestack:4.0.52
Servicestack » Servicestack » Version: 4.0.54

cpe:2.3:a:servicestack:servicestack:4.0.54
Servicestack » Servicestack » Version: 4.0.56

cpe:2.3:a:servicestack:servicestack:4.0.56
Servicestack » Servicestack » Version: 4.0.58

cpe:2.3:a:servicestack:servicestack:4.0.58
Servicestack » Servicestack » Version: 4.0.60

cpe:2.3:a:servicestack:servicestack:4.0.60
Servicestack » Servicestack » Version: 4.0.62

cpe:2.3:a:servicestack:servicestack:4.0.62
Servicestack » Servicestack » Version: 4.5.0

cpe:2.3:a:servicestack:servicestack:4.5.0
Servicestack » Servicestack » Version: 4.5.10

cpe:2.3:a:servicestack:servicestack:4.5.10
Servicestack » Servicestack » Version: 4.5.12

cpe:2.3:a:servicestack:servicestack:4.5.12
Servicestack » Servicestack » Version: 4.5.14

cpe:2.3:a:servicestack:servicestack:4.5.14
Servicestack » Servicestack » Version: 4.5.2

cpe:2.3:a:servicestack:servicestack:4.5.2
Servicestack » Servicestack » Version: 4.5.4

cpe:2.3:a:servicestack:servicestack:4.5.4
Servicestack » Servicestack » Version: 4.5.6

cpe:2.3:a:servicestack:servicestack:4.5.6
Servicestack » Servicestack » Version: 4.5.8

cpe:2.3:a:servicestack:servicestack:4.5.8
Servicestack » Servicestack » Version: 5

cpe:2.3:a:servicestack:servicestack:5
Servicestack » Servicestack » Version: 5.0.2

cpe:2.3:a:servicestack:servicestack:5.0.2
Servicestack » Servicestack » Version: 5.1.0

cpe:2.3:a:servicestack:servicestack:5.1.0
Servicestack » Servicestack » Version: 5.2.0

cpe:2.3:a:servicestack:servicestack:5.2.0
Servicestack » Servicestack » Version: 5.4

cpe:2.3:a:servicestack:servicestack:5.4
Servicestack » Servicestack » Version: 5.5

cpe:2.3:a:servicestack:servicestack:5.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-28042

Products

Pricing

Contact Us