VDB
CVE-2023-49290
CVE-2023-49290
PUBLISHED
CVSS 5.300000190734863 MEDIUM
lestrrat-go/jwx's malicious parameters in JWE can cause a DOS
EPSS 0.18% · 39.7th percentile
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
0.18%
39.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| lestrrat-go | jwx | 0, 2.0.0, < 1.2.27 |
| github.com | lestrrat-go/jwx | 0, 0 |
| github.com | lestrrat-go/jwx/v2 | 0, 0 |
Timeline
- Dec 4, 2023 CVE Published
- Dec 5, 2023 EPSS Score
- Jan 3, 2024 EPSS Score
- Jan 23, 2024 CVE Updated
- Feb 2, 2024 EPSS Score
- Mar 2, 2024 EPSS Score
- Apr 1, 2024 EPSS Score
- Apr 30, 2024 EPSS Score
- May 30, 2024 EPSS Score
- Jun 28, 2024 EPSS Score
- Aug 26, 2024 EPSS Score
- Sep 25, 2024 EPSS Score