CVE-2023-50658: jose2go vulnerable to denial of service via large p2c value

(updated )

The jose2go component before 1.6.0 for Go allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.

References

Code Behaviors & Features

Detect and mitigate CVE-2023-50658 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →