CVE-2024-28176
- EPSS 0.42%
- Veröffentlicht 09.03.2024 01:15:07
- Zuletzt bearbeitet 05.12.2025 16:48:46
jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been iden...
CVE-2022-36083
- EPSS 0.39%
- Veröffentlicht 07.09.2022 22:15:08
- Zuletzt bearbeitet 21.11.2024 07:12:20
JOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto in Node.js, Browser, Cloudflare Workers, Electron, and Deno. The PBKDF2-based JWE key management algorithms expect a JOSE Header P...
CVE-2021-29443
- EPSS 0.32%
- Veröffentlicht 16.04.2021 18:15:13
- Zuletzt bearbeitet 21.11.2024 06:01:06
jose is an npm library providing a number of cryptographic operations. In vulnerable versions AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if ...