3 matches found
SimpleJWT 资源管理错误漏洞
SimpleJWT is a JSON Web Token library written in PHP by Kelvin Mo as a personal project. Versions of SimpleJWT prior to 1.1.1 contained a resource management vulnerability. This vulnerability arises from the use of the PBES2 algorithm, allowing unauthenticated attackers to perform denial-of-servi...
CVE-2026-27932
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
PT-2023-8747
Name of the Vulnerable Software and Affected Versions jose4j versions prior to 0.9.4 Description The issue is related to the improper implementation of the PBES2 algorithm in the jose4j component when handling the p2c parameter. This can allow a remote attacker to cause a denial of service due to...