Lucene search
+L

6 matches found

nessus
nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : cjose-0.6.1-13.el9 (AXSA:2023-6285:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6285:01 advisory. cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE CVE-2023-37464 Tenable has extracted the preceding...

8.6CVSS5.6AI score0.0071EPSS
Exploits1References2
nessus
nessus
added 2025/08/18 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-37464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the Tag length from...

8.6CVSS7.1AI score0.0071EPSS
Exploits1References2
redhat
redhat
added 2023/08/01 2:30 p.m.4 views

cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE

A vulnerability was found in cjose. The cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the tag length from the actual Authentication Tag provided in the JSON Web Encryption JWE. A fixed length of 16 octets must ...

8.6CVSS5.7AI score0.0071EPSS
Exploits1References5
redhat
redhat
added 2023/08/01 1:54 p.m.11 views

cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE

A vulnerability was found in cjose. The cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the tag length from the actual Authentication Tag provided in the JSON Web Encryption JWE. A fixed length of 16 octets must ...

8.6CVSS5.7AI score0.0071EPSS
Exploits1References5
redhat
redhat
added 2023/08/01 1:45 p.m.5 views

cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE

A vulnerability was found in cjose. The cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the tag length from the actual Authentication Tag provided in the JSON Web Encryption JWE. A fixed length of 16 octets must ...

8.6CVSS5.7AI score0.0071EPSS
Exploits1References5
redhat
redhat
added 2023/08/01 1:39 p.m.9 views

cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE

A vulnerability was found in cjose. The cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the tag length from the actual Authentication Tag provided in the JSON Web Encryption JWE. A fixed length of 16 octets must ...

8.6CVSS5.7AI score0.0071EPSS
Exploits1References5
Rows per page
Query Builder