Lucene search
HistoryFeb 11, 2024 - 5:15 a.m.
CVE-2023-52428
cve-2023-52428
connect2id nimbus jose+jwt
denial of service
passwordbaseddecrypter
pbkdf2
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.
Related
ibm
ibm
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial of Service Vulnerability in Nimbus-JOSE-JWT (CVE-2023-52428)
2024-05-20 14:44:13
github
github
Denial of Service in Connect2id Nimbus JOSE+JWT
2024-02-11 06:30:27
osv
osv
CGA-7v5w-r37c-32w7
2024-06-06 12:25:03
CGA-7x8r-hc4w-927c
2024-06-06 12:23:32
CGA-7847-h394-6rg8
2024-06-06 12:24:53
nessus
nessus
Oracle Primavera Unifier DoS (Apr 2024 CPU)
2024-04-17 00:00:00
Atlassian Jira Service Management Data Center and Server < 5.4.19 / 5.11.x < 5.12.6 (JSDSERVER-15248)
2024-05-02 00:00:00
Oracle Business Intelligence Enterprise Edition (July 2024 CPU)
2024-07-22 00:00:00
redhatcve
redhatcve
CVE-2023-52428
2024-09-04 17:45:08
prion
prion
Code injection
2024-02-11 05:15:00
vulnrichment
vulnrichment
CVE-2023-52428
2024-02-11 00:00:00
cve
cve
CVE-2023-52428
2024-02-11 05:15:08
cgr
cgr
CVE-2023-52428 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2023-52428 vulnerabilities
2024-09-16 09:11:41
cvelist
cvelist
CVE-2023-52428
2024-02-11 00:00:00
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - July 2024
2024-07-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00