Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2024-28122
HistoryMar 10, 2024 - 9:37 a.m.

CVE-2024-28122

2024-03-1009:37:46
redhat.com
access.redhat.com
13
jwx
resource consumption
vulnerability
denial of service
jwe token
compression ratio
2024-28122
trusted public key

0.0004 Low

EPSS

Percentile

15.1%

JSON

An uncontrolled resource consumption vulnerability was found in jwx. This flaw allows an attacker with a trusted public key to cause a denial of service condition by crafting a malicious JWE token with an exceptionally high compression ratio.

Related

ibm 1
veracode 1
prion 1
cgr 1
cvelist 1
osv 2
cve 1
wolfi 1
github 1
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in JWx [CVE-2024-28122]
2024-04-25 18:27:39
veracode
veracode
Denial Of Service (DoS)
2024-03-11 06:02:37
prion
prion
Design/Logic Flaw
2024-03-09 01:15:00
cgr
cgr
CVE-2024-28122 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2024-28122 JWX vulnerable to a denial of service attack using compressed JWE message
2024-03-09 00:45:50
osv
osv
JWX vulnerable to a denial of service attack using compressed JWE message in github.com/lestrrat-go/jwx
2024-05-20 19:46:23
JWX vulnerable to a denial of service attack using compressed JWE message
2024-03-08 15:06:53
cve
cve
CVE-2024-28122
2024-03-09 01:15:06
wolfi
wolfi
CVE-2024-28122 vulnerabilities
2024-05-29 03:07:31
github
github
JWX vulnerable to a denial of service attack using compressed JWE message
2024-03-08 15:06:53

0.0004 Low

EPSS

Percentile

15.1%

JSON
Related for RH:CVE-2024-28122
ibm1veracode1prion1cgr1cvelist1osv2cve1wolfi1github1