nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability...

FreeBSD : jose -- DoS vulnerability (02be46c1-f7cc-11ee-aa6b-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 02be46c1-f7cc-11ee-aa6b-b42e991fc52e advisory. - latchset jose through version 11 allows attackers to cause a denial of service CPU consumption via a...

CVE-2023-50967

latchset jose through version 11 allows attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value...

GHSA-9MG4-V392-8J68 erlang-jose vulnerable to denial of service via large p2c value

erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value in a JOSE header...

CVE-2023-50658

The jose2go component before 1.6.0 for Go allows attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value...

CVE-2023-51775

The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value...