Go-Jose Project: >> Go-Jose >> 1.0.4 Security Vulnerabilities
go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to authentication bypass for CBC-HMAC encrypted ciphertexts on 32-bit architectures.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-03-28