Astra Linux - уязвимость в erlang-jose

In versions 1.11.6 and earlier of erlang-jose also known as JOSE for Erlang and Elixir, attackers can exploit this vulnerability to cause a denial of service attack, resulting in high CPU usage. This vulnerability is exploited by setting a large value of p2c also known as PBES2 Count in the JOSE...

CBL Mariner 2.0 Security Update: rabbitmq-server (CVE-2023-50966)

The version of rabbitmq-server installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50966 advisory. - erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of...

Azure Linux 3.0 Security Update: rabbitmq-server (CVE-2023-50966)

The version of rabbitmq-server installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50966 advisory. - erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of...

erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.

...

Fedora: Security Advisory (FEDORA-2024-9484b6915b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-a8d7972ef6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: erlang-jose-1.11.10-1.fc40

JSON Object Signing and Encryption JOSE for Erlang and Elixir...

Fedora 39 : erlang-jose (2024-9484b6915b)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9484b6915b advisory. Re-reviewed Jose ver. 1.11.10 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...

Fedora 40 : erlang-jose (2024-a8d7972ef6)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a8d7972ef6 advisory. Re-reviewed Jose ver. 1.11.10 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...

The vulnerability of the module for signing and encrypting JSON objects in Erlang and Elixir programming languages, namely erlang-jose (JOSE for Erlang), involves an uncontrolled resource consumption. This allows a malicious actor to trigger a service failure.

The vulnerability of the module for signing and encrypting JSON objects in Erlang and Elixir programming languages, namely erlang-jose JOSE for Erlang, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotel...

GHSA-9MG4-V392-8J68 erlang-jose vulnerable to denial of service via large p2c value

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

erlang-jose vulnerable to denial of service via large p2c value

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

AZL-39857 CVE-2023-50966 affecting package rabbitmq-server for versions less than 3.11.24-2

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

CVE-2023-50966

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

AZL-39719 CVE-2023-50966 affecting package rabbitmq-server for versions less than 3.13.7-1

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

DEBIAN-CVE-2023-50966

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

CVE-2023-50966

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

UBUNTU-CVE-2023-50966

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

PT-2024-2567 · Unknown +2 · Erlang-Jose +2

Name of the Vulnerable Software and Affected Versions: erlang-jose versions through 1.11.6 Description: The issue is related to an uncontrolled resource consumption in the erlang-jose module for JSON object signing and encryption for Erlang and Elixir languages. This can be exploited by a remote...

CVE-2023-50966

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...