The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 999 | all | libjose4j-java | <=ย 0.7.12-2 | libjose4j-java_0.7.12-2_all.deb |
Debian | 13 | all | libjose4j-java | <=ย 0.7.12-2 | libjose4j-java_0.7.12-2_all.deb |