Search CVE reports
1 – 2 of 2 results
CVE-2024-28176
Medium priorityjose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more....
1 affected packages
node-jose
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
node-jose | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2022-36083
Medium priorityJOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto in Node.js, Browser, Cloudflare Workers, Electron, and Deno. The PBKDF2-based JWE key management algorithms...
2 affected packages
jose, node-jose
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
jose | Needs evaluation | Not affected | Not affected | Not affected | Ignored |
node-jose | Not affected | Vulnerable | Not in release | Not in release | Ignored |