Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jose-php project jose-php vulnerabilities and exploits
(subscribe to this query)
3.7
CVSSv3
CVE-2016-5429
jose-php prior to 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote malicious users to obtain sensitive information via a timing attack, related to JWE.php and JWS.php.
Jose-php Project Jose-php
5.3
CVSSv3
CVE-2016-5430
The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php in jose-php prior to 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote malicious users to obtain cleartext data via a Million Message Attack (MMA).
Jose-php Project Jose-php
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started