High severity · NVD Advisory · Published Dec 17, 2025 · Updated Jan 23, 2026
CVE-2024-29371
Description
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.bitbucket.b_c:jose4j (Maven) | < 0.9.6 | 0.9.6 |
Affected products