Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-50658

Published: 29/02/2024 Updated: 29/02/2024

Vulnerability Summary

The jose2go component prior to 1.6.0 for Go allows malicious users to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.

Vendor Advisories

Debian CVElist Bug Report Logs: golang-github-dvsekhvalnov-jose2go: CVE-2023-50658
Debian Bug report logs - #1059507 golang-github-dvsekhvalnov-jose2go: CVE-2023-50658 Package: src:golang-github-dvsekhvalnov-jose2go; Maintainer for src:golang-github-dvsekhvalnov-jose2go is Debian Go Packaging Team <team+pkg-go@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 27 D ...

References

https://github.com/dvsekhvalnov/jose2go/commit/a4584e9dd7128608fedbc67892eba9697f0d5317https://github.com/dvsekhvalnov/jose2go/compare/v1.5.0...v1.6.0https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059507
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook