Lucene search
GoogleOSV:GHSA-GVPG-VGMX-XG6WHistoryFeb 11, 2024 - 6:30 a.m.
Denial of Service in Connect2id Nimbus JOSE+JWT
2024-02-1106:30:27
Google
osv.dev
15
connect2id
nimbus jose+jwt
denial of service
vulnerability
passwordbaseddecrypter
pbkdf2
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.
Related
nessus
nessus
Atlassian Jira Service Management Data Center and Server < 5.4.19 / 5.11.x < 5.12.6 (JSDSERVER-15248)
2024-05-02 00:00:00
Oracle Primavera Unifier DoS (Apr 2024 CPU)
2024-04-17 00:00:00
Oracle Business Intelligence Enterprise Edition (July 2024 CPU)
2024-07-22 00:00:00
osv
osv
CVE-2023-52428
2024-02-11 05:15:08
CGA-7v5w-r37c-32w7
2024-06-06 12:25:03
CGA-7x8r-hc4w-927c
2024-06-06 12:23:32
ibm
ibm
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Connect2id Nimbus-JOSE-JWT ( CVE-2023-52428)
2024-08-05 19:50:11
github
github
Denial of Service in Connect2id Nimbus JOSE+JWT
2024-02-11 06:30:27
nvd
nvd
CVE-2023-52428
2024-02-11 05:15:08
redhatcve
redhatcve
CVE-2023-52428
2024-09-04 17:45:08
cgr
cgr
CVE-2023-52428 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2023-52428
2024-02-11 00:00:00
wolfi
wolfi
CVE-2023-52428 vulnerabilities
2024-09-19 21:18:36
prion
prion
Code injection
2024-02-11 05:15:00
vulnrichment
vulnrichment
CVE-2023-52428
2024-02-11 00:00:00
cve
cve
CVE-2023-52428
2024-02-11 05:15:08
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - July 2024
2024-07-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00