← Back

Dvsekhvalnov

dvsekhvalnov

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Jose2go
jose2go
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-63811
1Dvsekhvalnov
1Jose2go
Dec 31, 2025
Nov 12, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service (DoS) via crafted JSON Web Encryption (JWE) token with an exceptionally high compression ratio.
CVE-2023-50658
1Dvsekhvalnov
1Jose2go
Feb 14, 2025
Feb 29, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
The jose2go component before 1.6.0 for Go allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.