CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Tenable Nessus•added 2025/01/07 12:0 a.m.•18 views

Atlassian Jira Service Management Data Center and Server 5.1.x < 5.4.19 / 5.5.x < 5.12.6 (JSDSERVER-15626)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15626 advisory. - In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service resource...

7.5CVSS6.5AI score0.00105EPSS

Exploits0References2

RedhatCVE•added 2024/09/04 5:45 p.m.•36 views

CVE-2023-52428

A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service DoS...

7.5CVSS6.6AI score0.00105EPSS

Exploits0References3

BDU FSTEC•added 2024/04/26 12:0 a.m.•1 views

The vulnerability of the PasswordBasedDecrypter component in the Nimbus JOSE + JWT Java library allows a hacker to trigger a service failure.

The vulnerability of the PasswordBasedDecrypter component in the Nimbus JOSE + JWT Java library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.4AI score0.00105EPSS

Exploits0References6Affected Software3

Github Security Blog•added 2024/02/11 6:30 a.m.•82 views

Denial of Service in Connect2id Nimbus JOSE+JWT

In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service resource consumption via a large JWE p2c header value aka iteration count for the PasswordBasedDecrypter PBKDF2 component...

7.5CVSS7AI score0.00105EPSS

Exploits0References5Affected Software1