Nimbus Josejwt Connect2id Nimbus Josejwt

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Connect2id Nimbus Josejwt.

By the Year

In 2025 there have been 0 vulnerabilities in Connect2id Nimbus Josejwt. Last year, in 2024 Nimbus Josejwt had 1 security vulnerability published. Right now, Nimbus Josejwt is on track to have less security vulnerabilities in 2025 than it did last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 1 7.50
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 9.80
2018 0 0.00

It may take a day or so for new Nimbus Josejwt vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Connect2id Nimbus Josejwt Security Vulnerabilities

In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption)

CVE-2023-52428 7.5 - High - February 11, 2024

In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT

CVE-2019-17195 9.8 - Critical - October 15, 2019

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

Improper Handling of Exceptional Conditions

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Oracle Solaris Cluster or by Connect2id? Click the Watch button to subscribe.

Connect2id
Vendor

subscribe