CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-29451

Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.4%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 6.4

References

Products affected by CVE-2021-29451

Manydesigns » Portofino » Version: 5.0.0

cpe:2.3:a:manydesigns:portofino:5.0.0
Manydesigns » Portofino » Version: 5.0.1

cpe:2.3:a:manydesigns:portofino:5.0.1
Manydesigns » Portofino » Version: 5.0.2

cpe:2.3:a:manydesigns:portofino:5.0.2
Manydesigns » Portofino » Version: 5.0.3

cpe:2.3:a:manydesigns:portofino:5.0.3
Manydesigns » Portofino » Version: 5.1.0

cpe:2.3:a:manydesigns:portofino:5.1.0
Manydesigns » Portofino » Version: 5.1.1

cpe:2.3:a:manydesigns:portofino:5.1.1
Manydesigns » Portofino » Version: 5.1.2

cpe:2.3:a:manydesigns:portofino:5.1.2
Manydesigns » Portofino » Version: 5.1.3

cpe:2.3:a:manydesigns:portofino:5.1.3
Manydesigns » Portofino » Version: 5.1.4

cpe:2.3:a:manydesigns:portofino:5.1.4
Manydesigns » Portofino » Version: 5.2.0

cpe:2.3:a:manydesigns:portofino:5.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-29451

Products

Pricing

Contact Us