Lucene search
Veracode Vulnerability DatabaseVERACODE:45705HistoryMar 01, 2024 - 4:45 a.m.
Denial Of Service (DoS)
2024-03-0104:45:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
jose2go
software vulnerability
input validation
p2c parameter
denial of service
cpu consumption
jose2go is vulnerable to Denial of Service (DoS). The vulnerability is caused due to a lack of input validation and handling for the “p2c” (PBES2 Count) parameter. This allows an attacker to provide a large “p2c” value, leading to a Denial of Service (DoS) (CPU consumption) vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/dvsekhvalnov/jose2go | eq | HEAD | |
| github.com/dvsekhvalnov/jose2go | eq | HEAD |
Related
osv
osv
jose2go vulnerable to denial of service via large p2c value
2024-02-29 03:33:14
Denial of service when decrypting attack controlled input in github.com/dvsekhvalnov/jose2go
2023-12-20 20:31:57
CVE-2023-50658
2024-02-29 01:42:01
cbl_mariner
cbl_mariner
CVE-2023-50658 affecting package telegraf for versions less than 1.29.4-1
2024-04-10 21:48:40
CVE-2023-50658 affecting package telegraf for versions less than 1.29.4-1
2024-04-17 22:02:46
cvelist
cvelist
CVE-2023-50658
2023-12-25 00:00:00
prion
prion
Input validation
2024-02-29 01:42:00
debiancve
debiancve
CVE-2023-50658
2024-02-29 01:42:01
github
github
jose2go vulnerable to denial of service via large p2c value
2024-02-29 03:33:14
nvd
nvd
CVE-2023-50658
2024-02-29 01:42:01
ubuntucve
ubuntucve
CVE-2023-50658
2024-02-29 00:00:00
cve
cve
CVE-2023-50658
2024-02-29 01:42:01
cgr
cgr
CVE-2023-50658 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2023-50658 vulnerabilities
2024-07-04 03:08:38