VYPR

Hex (Elixir) package

jose

pkg:hex/jose

Vulnerabilities (1)

  • CVE-2023-50966MedMar 19, 2024
    affected < 1.11.7fixed 1.11.7

    erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.