Описание
erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.
EPSS
Процентиль: 3%
0.00019
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-400
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 1 года назад
erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.
CVSS3: 6.5
redhat
больше 1 года назад
erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.
CVSS3: 5.3
debian
больше 1 года назад
erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow atta ...
CVSS3: 5.3
github
больше 1 года назад
erlang-jose vulnerable to denial of service via large p2c value
EPSS
Процентиль: 3%
0.00019
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-400