The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
History

Wed, 16 Oct 2024 02:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:jboss_enterprise_application_platform:7.4
cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9

Wed, 14 Aug 2024 20:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-25T00:00:00

Updated: 2024-08-14T18:42:03.439Z

Reserved: 2023-12-25T00:00:00

Link: CVE-2023-51775

cve-icon Vulnrichment

Updated: 2024-08-02T22:48:11.248Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-02-29T01:42:05.637

Modified: 2024-11-21T08:38:46.480

Link: CVE-2023-51775

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-02-29T00:00:00Z

Links: CVE-2023-51775 - Bugzilla