1. Home
  2. Vulnerabilities
  3. CVE-2022-23529
0.0
NA
CVE-2022-23529
Apache Not a Vulnerability
Overview
Description

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The issue is not a vulnerability. Notes: none.

Details
INFO

Published Date :

Dec. 21, 2022, 9:15 p.m.

Last Modified :

Nov. 7, 2023, 3:44 a.m.

Remotely Exploit :

No

Source :

[email protected]
Impact
Affected Products

The following products are affected by CVE-2022-23529 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Auth0 jsonwebtoken
: Total Affected Vendor : 1 | Products : 1
Solution
This information is provided by the 3rd party feeds.
  • n\a
Public PoC/Exploit Available at Github

CVE-2022-23529 has a 42 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
kevsecops/test1

SAST Demo Projects - Intentionally vulnerable applications for demonstrating and evaluating Static Application Security Testing (SAST) tools

Python TypeScript Java

Updated: 1 day, 11 hours ago
0 stars 1 fork 1 watcher
Born at : March 17, 2026, 11:17 a.m. This repo has been linked 31 different CVEs too.
Profile Photo
wanikua/become-ceo

Your AI executive team on Discord. 7 specialized agents — Engineering, Finance, Marketing, DevOps, Legal, Management, Chief of Staff. One-click setup on any free-tier server. Built on Clawdbot.

ai ai-agents clawdbot discord discord-bot multi-agent ai-team automation discord-bots free-tier self-hosted executive-team browser-automation cron-jobs devops github-actions llm notion open-source tts

Shell Dockerfile JavaScript HTML TypeScript CSS

Updated: 1 day, 2 hours ago
47 stars 6 fork 6 watcher
Born at : Feb. 28, 2026, 12:47 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
Maxime-Mathieu/devsecops-lab

None

Dockerfile JavaScript

Updated: 4 days, 22 hours ago
0 stars 0 fork 0 watcher
Born at : Feb. 27, 2026, 1:16 p.m. This repo has been linked 3 different CVEs too.
Profile Photo
BoxiYu/SecAudit

Security Scanner for modern software

TypeScript JavaScript

Updated: 3 weeks, 1 day ago
1 stars 0 fork 0 watcher
Born at : Feb. 23, 2026, 8:04 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
continuedev/snyk-security-lab

Sample app for Continue + Snyk hands-on lab

JavaScript

Updated: 3 weeks, 1 day ago
2 stars 0 fork 0 watcher
Born at : Feb. 20, 2026, 8:28 p.m. This repo has been linked 2 different CVEs too.
Profile Photo
WoodrumHouses/BlackDuckAgentDemo

Demo app with known vulnerable dependencies for SCA vulnerability remediation using GitHub Copilot coding agent

Updated: 1 month ago
0 stars 0 fork 0 watcher
Born at : Feb. 18, 2026, 2:36 p.m. This repo has been linked 3 different CVEs too.
Profile Photo
awiseguy88/openclaw-advanced-skills-library

OpenClaw Skills Library 2,510 Production-Ready Skills for AI Agent Automation Give your OpenClaw agent the complete puzzle. Modular, observable, and safe automation workflows for Ubuntu Linux systems. Built for professionals who need reliability.

Updated: 3 weeks, 3 days ago
2 stars 0 fork 0 watcher
Born at : Feb. 17, 2026, 5:05 p.m. This repo has been linked 602 different CVEs too.
Profile Photo
Nox-HQ/nox-plugin-sbom-enrich

SBOM vulnerability enrichment, outdated package detection, and license compliance checking.

Dockerfile Makefile Go

Updated: 1 month, 1 week ago
0 stars 0 fork 0 watcher
Born at : Feb. 9, 2026, 10:37 a.m. This repo has been linked 12 different CVEs too.
Profile Photo
ivrubtsov/TransitiveVulnerabilities

Sample application with transitive dependencies to test an AI agent

Python Shell JavaScript

Updated: 1 month, 2 weeks ago
0 stars 1 fork 1 watcher
Born at : Jan. 29, 2026, 2:55 p.m. This repo has been linked 6 different CVEs too.
Profile Photo
plexicus/simplest-sca-vulnerable

None

Go Java JavaScript Python

Updated: 1 month, 2 weeks ago
0 stars 2 fork 2 watcher
Born at : Jan. 28, 2026, 3:22 p.m. This repo has been linked 9 different CVEs too.
Profile Photo
GonBogner/vuln-insecure-dependencies

Test repo with vulnerable dependencies for PatchPilot

Updated: 1 month, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : Jan. 25, 2026, 1:56 p.m. This repo has been linked 18 different CVEs too.
Profile Photo
testing-gh-org-2/test-less-vulnerability-repo-1

None

JavaScript

Updated: 2 months ago
0 stars 0 fork 0 watcher
Born at : Jan. 16, 2026, 5:35 a.m. This repo has been linked 5 different CVEs too.
Profile Photo
testing-gh-org-2/new-dependencies-repo1

None

JavaScript

Updated: 2 months ago
0 stars 0 fork 0 watcher
Born at : Jan. 15, 2026, 9:27 a.m. This repo has been linked 5 different CVEs too.
Profile Photo
test-srm-stageaz-org/e2e-stageAZ-new-data-2

None

JavaScript

Updated: 2 months ago
0 stars 0 fork 0 watcher
Born at : Jan. 15, 2026, 8:58 a.m. This repo has been linked 5 different CVEs too.
Profile Photo
test-srm-stageaz-org/e2e-stageAZ-new-data

None

JavaScript

Updated: 2 months ago
0 stars 0 fork 0 watcher
Born at : Jan. 15, 2026, 6:02 a.m. This repo has been linked 5 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-23529 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2022-23529 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Nov. 07, 2023

    Action Type Old Value New Value
    Changed Description ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The issue is not a vulnerability. Notes: none. Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The issue is not a vulnerability. Notes: none.
  • CVE Modified by [email protected]

    Jan. 27, 2023

    Action Type Old Value New Value
    Changed Description node-jsonwebtoken is a JsonWebToken implementation for node.js. For versions `<= 8.5.1` of `jsonwebtoken` library, if a malicious actor has the ability to modify the key retrieval parameter (referring to the `secretOrPublicKey` argument from the readme link of the `jwt.verify()` function, they can write arbitrary files on the host machine. Users are affected only if untrusted entities are allowed to modify the key retrieval parameter of the `jwt.verify()` on a host that you control. This issue has been fixed, please update to version 9.0.0. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The issue is not a vulnerability. Notes: none.
    Removed CVSS V3.1 GitHub, Inc. AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
    Removed CVSS V3.1 Reason A-No limiting factors
    Removed CVSS V3.1 Reason C-No limiting factors
    Removed CVSS V3.1 Reason PR-No privileges needed
    Removed Reference https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3 [Patch, Third Party Advisory]
    Removed Reference https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-27h2-hvpr-p74q [Third Party Advisory]
    Removed CWE GitHub, Inc. CWE-20
  • CVE Rejected by [email protected]

    Jan. 27, 2023

    Action Type Old Value New Value
  • Initial Analysis by [email protected]

    Dec. 30, 2022

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3 No Types Assigned https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3 Patch, Third Party Advisory
    Changed Reference Type https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-27h2-hvpr-p74q No Types Assigned https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-27h2-hvpr-p74q Third Party Advisory
    Added CPE Configuration OR *cpe:2.3:a:auth0:jsonwebtoken:*:*:*:*:*:node.js:*:* versions up to (including) 8.5.1
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.