jose4j before v0.9.3 allows attackers to set a low iteration count of 1000
or less.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | libjose4j-java | < any | UNKNOWN |
ubuntu | 23.10 | noarch | libjose4j-java | < any | UNKNOWN |
ubuntu | 24.04 | noarch | libjose4j-java | < any | UNKNOWN |