USN-6307-1: JOSE for C/C++ vulnerability

2023-08-25 KENNETH Ubuntu security 0

USN-6307-1: JOSE for C/C++ vulnerability

It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly
uses the Tag length from the actual Authentication Tag provided in the JWE.
An attacker could use this to cause a denial of service (system crash) or
might expose sensitive information.
Source: USN-6307-1: JOSE for C/C++ vulnerability

About KENNETH 19694 Articles
지락문화예술공작단

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.