github.com/square/go-jose is vulnerable to Authentication Bypass. The vulnerability is due to missing size checks resulting in CBC-HMAC integers overflowing on 32-bit architectures. This could lead to authentication bypass for CBC-HMAC encrypted ciphertexts.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/square/go-jose | le | v1.0.4 | |
github.com/square/go-jose | le | v1.0.4 |