Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-50966

Опубликовано: 19 мар. 2024
Источник: debian

Описание

erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
erlang-josefixed1.11.10-1package
erlang-joseno-dsabookwormpackage
erlang-joseno-dsabullseyepackage
erlang-josepostponedbusterpackage

Примечания

  • https://github.com/potatosalad/erlang-jose/issues/156

  • https://github.com/P3ngu1nW/CVE_Request/blob/main/erlang-jose.md

  • https://github.com/potatosalad/erlang-jose/commit/718d213f07b08056737923f8063d5df56dcb66ae (1.11.7)

Связанные уязвимости

ubuntu логотип

CVE-2023-50966

CVSS3: 5.3
ubuntu
почти 2 года назад

erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.

redhat логотип

CVE-2023-50966

CVSS3: 6.5
redhat
почти 2 года назад

erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.

nvd логотип

CVE-2023-50966

CVSS3: 5.3
nvd
почти 2 года назад

erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.

msrc логотип

CVE-2023-50966

CVSS3: 5.3
msrc
больше 1 года назад

Описание отсутствует

github логотип

GHSA-9mg4-v392-8j68

CVSS3: 5.3
github
почти 2 года назад

erlang-jose vulnerable to denial of service via large p2c value