Lucene search
K

53 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 3: jose (TSSA-2024:0392)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0392 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6.7AI score0.02085EPSS
Exploits1References3
Rosalinux
Rosalinux
added 2025/06/09 8:56 a.m.6 views

Advisory ROSA-SA-2025-2888

Software: jose 10 OS: ROSA Virtualization 3.0 packageevrstring: jose-10-2.rv30.3 CVE-ID: CVE-2023-50967 BDU-ID: 2024-02461 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the C language module for signing and encrypting JSON latchset Jose objects is associated with uncontrolled resource consumption...

7.5CVSS6.4AI score0.02085EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/06/09 8:53 a.m.7 views

Advisory ROSA-SA-2025-2878

Software: jose 10 OS: ROSA Virtualization 2.1 packageevrstring: jose-10-2.rv3.3 CVE-ID: CVE-2023-50967 BDU-ID: 2024-02461 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the C language module for signing and encrypting JSON latchset Jose objects is associated with uncontrolled resource consumption...

7.5CVSS6.4AI score0.02085EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0145: container-tools:rhel8 bug fix and enhancement update (Moderate) (ALINUX3-SA-2024:0145)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0145 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-28176: jose is JavaScript module...

5.9CVSS7AI score0.02085EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.7 views

jose security update

An update is available for jose. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Jose is a C-language implementation of the Javascript Object Signing and...

7.5CVSS5.4AI score0.02085EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/20 5:8 p.m.34 views

Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak for Multicloud Management

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for Multicloud Management version 2.3 Fix Pack 10 Vulnerability Details CVEID:CVE-2024-28176 DESCRIPTION: Node.js jose module is vulnerable to a denial of service, caused by a flaw during JWE Decryption operations. By sending a...

7.5CVSS10AI score0.99298EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/26 6:43 p.m.9 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Node.js jose module

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Node.js jose module Vulnerability Details CVEID:CVE-2024-28176 DESCRIPTION: Node.js jose module is vulnerable to a denial of service, caused by a flaw during JWE Decryption operations. By sending a specially crafted reques...

5.9CVSS5.3AI score0.02085EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/11/12 8:46 a.m.18 views

Moderate: Red Hat Security Advisory: jose security update

An update for jose is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS6.7AI score0.02085EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/11/12 12:0 a.m.9 views

RHEL 9 : jose (RHSA-2024:9181)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9181 advisory. Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevi...

7.5CVSS7.2AI score0.02085EPSS
Exploits1References9
OSV
OSV
added 2024/11/12 12:0 a.m.18 views

ALSA-2024:9181 Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose: Denia...

7.5CVSS6.7AI score0.02085EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2024/11/04 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2024-0343)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.9AI score0.02085EPSS
Exploits0References11
Mageia
Mageia
added 2024/11/01 5:26 p.m.37 views

Updated buildah, podman, skopeo packages fix security vulnerabilities

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6CVSS7.2AI score0.02085EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.21 views

Oracle Linux 8 : jose (ELSA-2024-5294)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5294 advisory. - Backport fix for CVE-2024-28176 Resolves: RHEL-28719 Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.5CVSS7.2AI score0.02085EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.26 views

RHEL 8 : jose (RHSA-2024:5294)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5294 advisory. Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevi...

7.5CVSS7.3AI score0.02085EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/08/13 3:37 p.m.337 views

Moderate: Red Hat Security Advisory: jose security update

An update for jose is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS6.7AI score0.02085EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2024/08/13 12:0 a.m.40 views

Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose: Denia...

7.5CVSS6.9AI score0.02085EPSS
Exploits1References6
Oracle linux
Oracle linux
added 2024/08/13 12:0 a.m.376 views

jose security update

10-2.3 - Backport fix for CVE-2024-28176 Resolves: RHEL-28719 10-2.2 - Fix tests on s390x Related: RHEL-29857 10-2.1 - Fixes CVE-2023-50967...

7.5CVSS7.1AI score0.02085EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/29 12:58 p.m.24 views

Security Bulletin: IBM Maximo Application Suite: jose-4.15.4.tgz is vulnerable to CVE-2024-28176 used in IBM Maximo Application Suite - Edge Data Collector

Summary IBM Maximo Application Suite - Edge Data Collector uses jose-4.15.4.tgz which is vulnerable to CVE-2024-28176 Vulnerability Details CVEID:CVE-2024-28176 DESCRIPTION: Node.js jose module is vulnerable to a denial of service, caused by a flaw during JWE Decryption operations. By sending a...

5.9CVSS5.3AI score0.02085EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/09 5:6 p.m.34 views

Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities

Summary IBM Security QRadar EDR Software includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-45803 DESCRIPTION: urllib3 could allow a remote authenticate...

10CVSS8.1AI score0.0481EPSS
Exploits4Affected Software1
OSV
OSV
added 2024/07/02 2:10 p.m.40 views

RLSA-2024:3968 Moderate: container-tools:rhel8 bug fix and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: jose-go: improper handling of highly compressed data CVE-2024-28180 buildah: jose-go: improper handling of highly compressed data CVE-2024-28180 podman: jose-g...

5.9CVSS6.7AI score0.02085EPSS
Exploits0References3
Rows per page
Query Builder