Vulnerabilities

CVE-2023-52428

by Fred · 10/02/2024

In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.

Date published : 2024-02-10

https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e

https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/

Similar

Tags: Cybersecurity Alert

CVE-2023-52428

Similar

Recent Posts

Categories

CVE-2023-52428

Share this:

Similar

Recent Posts

Categories

Tags