Security Overview · panva/jose · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Resource exhaustion via specifically crafted JWE with compressed plaintext
GHSA-hhhv-q57g-882q published Mar 7, 2024 by panva

Moderate
Resource exhaustion via specifically crafted JWE
GHSA-jv3g-j58f-9mq9 published Sep 6, 2022 by panva

Moderate
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime
GHSA-4v4g-726h-xvfv published Apr 15, 2021 by panva

Moderate
Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime
GHSA-94hh-pjjg-rwmr published Apr 15, 2021 by panva

Moderate
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime
GHSA-rvcw-f68w-8h8h published Apr 15, 2021 by panva

Moderate
Padding Oracle Attack due to Observable Timing Discrepancy in jose
GHSA-58f5-hfqc-jgch published Apr 15, 2021 by panva

Moderate

Learn more about advisories related to panva/jose in the GitHub Advisory Database