Lestrrat-go Jwx
3 CVEs affecting Lestrrat-go Jwx. Latest disclosed: 2024-03-09. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-28122 | Medium | 6.8 | 2024-03-09 | JWX is Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. This vulnerability allows an attacker with a trusted pu… |
CVE-2023-49290 | Medium | 5.3 | 2023-12-05 | lestrrat-go/jwx is a Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. A p2c parameter set too high in JWE's algo… |
CVE-2024-21664 | Medium | 4.3 | 2024-01-09 | jwx is a Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. Calling `jws.Parse` with a JSON serialized payload whe… |