potatosalad/erlang-jose

Releases46

Frequency2 months 3 weeks

Last Release 7 months ago

Stars334

JSON Object Signing and Encryption (JOSE) for Erlang and Elixir

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-50966 ↗	Mar 19, 2024Tuesday, 19 March 2024, 15:15	5.3 MEDIUM	—
erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.