CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Lestrrat-Go: >> Jwx >> 2.0.19 Security Vulnerabilities

CVE-2024-28122

JWX is Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. This vulnerability allows an attacker with a trusted public key to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. This issue has been patched in versions 1.2.29 and 2.0.21.

CVSS Score

6.8

EPSS Score

0.002

Published

2024-03-09

Page 1

Vulnerabilities

Vulnerable Software

Lestrrat-Go: >> Jwx >> 2.0.19 Security Vulnerabilities

Products

Pricing

Contact Us