DirectorySecurity Advisories
Sign In
Security Advisories

CGA-fq98-568c-76gh

Published

Last updated

https://images.chainguard.dev/security/CGA-fq98-568c-76gh
Package

telegraf-1.29

Latest Update
Fixed
Fixed Version

1.29.1-r1

Aliases
  • GHSA-mhpq-9638-x6pw

Severity

5.3

Medium

CVSS V3

Summary

Denial of service when decrypting attack controlled input in github.com/dvsekhvalnov/jose2go

Description

An attacker controlled input of a PBES2 encrypted JWE blob can have a very large p2c value that, when decrypted, produces a denial-of-service.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images