Описание
jose4j denial of service via specifically crafted JWE
The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
Пакеты
org.bitbucket.b_c:jose4j
< 0.9.4
0.9.4
Связанные уязвимости
The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
The jose4j component before 0.9.4 for Java allows attackers to cause a ...
Уязвимость JWT-библиотеки Jose4j, связанная с неправильной реализацией алгоритма PBES2 при обработке параметра p2c, позволяющая нарушителю вызвать отказ в обслуживании