Lucene search
Redhat.comRH:CVE-2023-50966HistoryMar 19, 2024 - 4:25 p.m.
CVE-2023-50966
2024-03-1916:25:45
redhat.com
access.redhat.com
7
erlang
jose
denial of service
pbes2 count
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
6.5
Confidence
High
EPSS
0
Percentile
15.5%
erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.
Related
github
github
erlang-jose vulnerable to denial of service via large p2c value
2024-03-19 15:30:34
ubuntucve
ubuntucve
CVE-2023-50966
2024-03-19 00:00:00
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-9484b6915b)
2024-08-06 00:00:00
Fedora: Security Advisory (FEDORA-2024-a8d7972ef6)
2024-08-06 00:00:00
cve
cve
CVE-2023-50966
2024-03-19 15:15:07
fedora
fedora
[SECURITY] Fedora 39 Update: erlang-jose-1.11.10-1.fc39
2024-07-16 01:41:25
[SECURITY] Fedora 40 Update: erlang-jose-1.11.10-1.fc40
2024-07-16 04:32:09
cvelist
cvelist
CVE-2023-50966
2024-03-19 00:00:00
nvd
nvd
CVE-2023-50966
2024-03-19 15:15:07
nessus
nessus
Fedora 40 : erlang-jose (2024-a8d7972ef6)
2024-07-16 00:00:00
Fedora 39 : erlang-jose (2024-9484b6915b)
2024-07-16 00:00:00
osv
osv
CVE-2023-50966
2024-03-19 15:15:07
erlang-jose vulnerable to denial of service via large p2c value
2024-03-19 15:30:34
debiancve
debiancve
CVE-2023-50966
2024-03-19 15:15:07
vulnrichment
vulnrichment
CVE-2023-50966
2024-03-19 00:00:00
redos
redos
ROS-20240619-02
2024-06-19 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
6.5
Confidence
High
EPSS
0
Percentile
15.5%
Related for RH:CVE-2023-50966