The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-831bad8f8f advisory. jose is JavaScript module for JSON Object Signing ...
Continue Reading
May 02, 2024
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-560a7aca85 advisory. jose is JavaScript module for JSON Object Signing ...
Continue Reading
May 02, 2024
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a &q ...
Continue Reading
May 01, 2024
The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token (JWT) JOSE (JSON Object Signing and Encry ...
Continue Reading
April 30, 2024
python-jose is vulnerable to Denial of Service (DoS). The vulnerability is due to missing token size limits during the decoding process of a JSON Web Encryption (JWE) token. An attacker can submit a t ...
Continue Reading
April 29, 2024
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a &q ...
Continue Reading
April 27, 2024
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a &q ...
Continue Reading
April 26, 2024
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a &q ...
Continue Reading
April 26, 2024
Back to Main
