2 matches found
CVE-2026-33204
CVE-2026-33204 affects the PHP library SimpleJWT prior to v1.1.1. An unauthenticated attacker can trigger a Denial of Service by tampering JWE headers when PBES2 algorithms are used, causing excessive PBKDF2 iterations during JWE::decrypt() on attacker-controlled JWEs. The issue is fixed in v1.1....
Apple OS X Mail Attachment Message Acquisition Vulnerability
Apple OS X is an operating system developed by Apple Inc. An issue with Apple OS X's handling of encryption parameters for very large email attachments sent via Mail Drop allows an attacker to exploit a vulnerability that could be exploited to intercept the contents of S/MIME encrypted attachment...