VYPR

node-jose

by Cisco Systems, Inc.

npm: node-jose

Source repositories

CVEs (1)

  • CVE-2023-25653Feb 16, 2023
    risk 0.00cvss epss 0.01

    node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for web browsers and node.js-based servers. Prior to version 2.2.0, when using the non-default "fallback" crypto back-end, ECC operations in `node-jose` can trigger a Denial-of-Service…