Skip to main content

Node Jose

2 CVEs product

Monthly

CVE-2023-25653 npm HIGH PATCH This Week

node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for web browsers and node.js-based servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Denial Of Service Node Jose
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2018-0114 npm HIGH POC PATCH THREAT This Week

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Jwt Attack Information Disclosure Cisco Node Jose
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
42.7%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for web browsers and node.js-based servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Node.js Denial Of Service Node Jose
NVD GitHub
EPSS 43% CVSS 7.5
HIGH POC PATCH THREAT This Week

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Jwt Attack Information Disclosure Cisco +1
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy