jose-node-esm-runtime is vulnerable to padding oracle attack. An attacker is able to exploit a padding error without knowing the decryption key by issuing on average 128*b calls to the padding oracle while decrypting the ciphertext which makes a padding error .
CPE | Name | Operator | Version |
---|---|---|---|
jose-node-esm-runtime | le | 3.11.3 |