​
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-gw52-mj78-8v54

Published

Last updated

https://images.chainguard.dev/security/CGA-gw52-mj78-8v54
Package

kafka-jre-bcfips

Latest Update
Fixed
Fixed Version

3.7.0-r0

Aliases
  • CVE-2023-51775
  • GHSA-6qvw-249j-h44c

Severity

6.5

Medium

CVSS V3

Summary

jose4j denial of service via specifically crafted JWE

Description

The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogResearchEventsTrust CenterDocumentation