VYPR

Jss

by Dogtag

Source repositories

CVEs (3)

  • CVE-2022-4132Oct 4, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).

  • CVE-2021-4213Aug 24, 2022
    risk 0.00cvss epss 0.01

    A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

  • CVE-2019-14823Oct 14, 2019
    risk 0.00cvss epss 0.01

    A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be…