Skip to main content

Go Jose

3 CVEs product

Monthly

CVE-2016-9123 Go HIGH PATCH GHSA This Week

go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Authentication Bypass Go Jose
NVD GitHub
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-9122 Go HIGH PATCH This Week

go-jose before 1.0.4 suffers from multiple signatures exploitation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Go Jose
NVD GitHub
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-9121 Go CRITICAL PATCH Act Now

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Go Jose
NVD GitHub
CVSS 3.0
9.1
EPSS
0.2%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Authentication Bypass Go Jose
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

go-jose before 1.0.4 suffers from multiple signatures exploitation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Go Jose
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Go Jose
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy