Jose4j Project: >> Jose4j >> 0.2.0 Security Vulnerabilities
The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
CVSS Score
6.5
EPSS Score
0.005
Published
2024-02-29
jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-10-25