ГлавнаяУязвимости → CVE-2023-50658
7.5высокая

CVE-2023-50658

Описание

The jose2go component before 1.6.0 for Go allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.

Затрагиваемое ПО
Dvsekhvalnov Jose2go
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://github.com/dvsekhvalnov/jose2go/commit/a4584e9dd7128608fedbc67892eba9697f0d5317https://github.com/dvsekhvalnov/jose2go/compare/v1.5.0...v1.6.0https://github.com/dvsekhvalnov/jose2go/commit/a4584e9dd7128608fedbc67892eba9697f0d5317https://github.com/dvsekhvalnov/jose2go/compare/v1.5.0...v1.6.0