6.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
8.4%
jose4j is vulnerable to Denial of Service (DoS). The vulnerability is due to insufficient validation of a large p2c (PBES2 Count) value, allowing attackers to trigger excessive CPU usage. This potentially leads to Denial of Service (DoS).
bitbucket.org/b_c/jose4j/commits/1afaa1e174b3
bitbucket.org/b_c/jose4j/issues/212
github.com/advisories/GHSA-6qvw-249j-h44c