Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.5 views

Fedora 44 : opkssh (2026-af08c3b44f)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-af08c3b44f advisory. Fix CVE-2026-34986 in bundled go-jose Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS5.5AI score0.00651EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/11/21 10:17 p.m.18 views

Decryption of malicious PBES2 JWE objects can consume unbounded system resources

The go-jose package is subject to a "billion hashes attack" causing denial-of-service when decrypting JWE inputs. This occurs when an attacker can provide a PBES2 encrypted JWE blob with a very large p2c value that, when decrypted, produces a denial-of-service...

7AI score
Exploits0References4Affected Software2
OSV
OSV
added 2023/11/21 10:17 p.m.31 views

GHSA-2C7C-3MJ9-8FQH Decryption of malicious PBES2 JWE objects can consume unbounded system resources

The go-jose package is subject to a "billion hashes attack" causing denial-of-service when decrypting JWE inputs. This occurs when an attacker can provide a PBES2 encrypted JWE blob with a very large p2c value that, when decrypted, produces a denial-of-service...

7AI score
Exploits0References4
OSV
OSV
added 2023/11/21 3:39 p.m.42 views

GO-2023-2334 Denial of service via decryption of malicious PBES2 JWE objects in github.com/go-jose/go-jose/v3

The go-jose package is subject to a "billion hashes attack" causing denial-of-service when decrypting JWE inputs. This occurs when an attacker can provide a PBES2 encrypted JWE blob with a very large p2c value that, when decrypted, produces a denial-of-service...

7AI score
Exploits0References2
Rows per page
Query Builder