Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-6294-6rgp-fr7r: jose2go vulnerable to denial of service via large p2c value

The jose2go component before 1.6.0 for Go allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.

ghsa
#dos

ghsa: Latest News

GHSA-v62p-rq8g-8h59: pbkdf2 silently disregards Uint8Array input, returning static keys