Vulnerability Database

Published: Dec 20, 2023
Updated: Dec 21, 2023
GHSA: <a href="https://github.com/advisories/GHSA-mhpq-9638-x6pw" target="_blank" rel="noopener"> GHSA-mhpq-9638-x6pw
Severity: Medium
Exploit:

318,206

Total vulnerabilities in the database

An attacker controlled input of a PBES2 encrypted JWE blob can have a very large p2c value that, when decrypted, produces a denial-of-service.

CVSS v3:

CWEs:

Software	From	Fixed in
github.com/dvsekhvalnov/jose2go	-	1.5.1-0.20231206184617-48ba0b76bc88

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.