Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

jose

npm

JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes

View on github.com · View on npmjs.org

Security Advisories for jose in npm

Moderate
over 1 year ago

jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext GSA_kwCzR0hTQS1oaGh2LXE1N2ctODgycc4AA502

npm jose, jose-node-esm-runtime, jose-node-cjs-runtime
Moderate
about 3 years ago

JOSE vulnerable to resource exhaustion via specifically crafted JWE GSA_kwCzR0hTQS1qdjNnLWo1OGYtOW1xOc4AAu1m

npm jose-node-esm-runtime, jose-node-cjs-runtime, jose-browser-runtime, jose
Moderate
over 4 years ago

Padding Oracle Attack due to Observable Timing Discrepancy in jose MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4ZjUtaGZxYy1qZ2No

npm jose

Filter by Severity

Moderate 3