7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
The jose2go component before 1.6.0 for Go allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
github.com/advisories/GHSA-6294-6rgp-fr7r
github.com/dvsekhvalnov/jose2go/commit/a4584e9dd7128608fedbc67892eba9697f0d5317
github.com/dvsekhvalnov/jose2go/compare/v1.5.0...v1.6.0
nvd.nist.gov/vuln/detail/CVE-2023-50658