Lucene search
Rhonabwy Security Vulnerabilities
cve
Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE (JSON Web Encryption)...
7.5CVSS
7.3AI Score
0.001EPSS
2022-08-20 08:15 PM
32
9
cve
Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE...
7.5CVSS
7.5AI Score
0.001EPSS
2022-07-13 04:15 PM
31
4