Lucene search
K

306 matches found

RedHat Linux
RedHat Linux
added 2 days ago3 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2 days ago3 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2 days ago4 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 3 days ago3 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 3 days ago6 views

jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression

A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption JWE token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This...

7.5CVSS6.8AI score0.00244EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 4 days ago6 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS5.8AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 4 days ago7 views

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

7.5CVSS5.8AI score0.00651EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 3:18 p.m.4 views

SUSE-SU-2026:2636-1 Security update for podman

This update for podman fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262856. - CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598:...

9.1CVSS5.8AI score0.00651EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/22 11:36 a.m.6 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS7.2AI score0.00651EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Golang-github-dvsekhvalnov-jose2go

A vulnerability was discovered in dvsekhvalnov jose2go versions 1.5.0 through 1.7.0. This vulnerability allows an attacker to trigger a Denial-of-Service DoS attack by using a specially crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

7.5CVSS5.9AI score0.00236EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/15 7:47 p.m.13 views

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.7AI score0.00651EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/15 7:47 p.m.10 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS7.5AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/11 1:40 p.m.16 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.1AI score0.01945EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/06/11 1:40 p.m.9 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.9AI score0.00651EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2026/06/11 12:3 p.m.17 views

osbuild-composer security update

An update is available for osbuild-composer. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images an...

10CVSS6.8AI score0.01945EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.13 views

RHEL 9 : skopeo (RHSA-2026:25250)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25250 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and...

10CVSS5.6AI score0.01945EPSS
Exploits3References12
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

RHEL 10 : image-builder (RHSA-2026:22937)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:22937 advisory. A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes:...

10CVSS5.7AI score0.01945EPSS
Exploits2References19
RedHat Linux
RedHat Linux
added 2026/06/04 1:27 p.m.9 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS5.8AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/03 7:3 p.m.14 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS7.2AI score0.00651EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.10 views

RockyLinux 9 : podman (RLSA-2026:19173)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19173 advisory. github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption JWE object CVE-2026-34986 Tenable has...

7.5CVSS6.9AI score0.00651EPSS
Exploits0References3
Rows per page
Query Builder