Jose4jproject Jose4j
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Jose4jproject Jose4j.
By the Year
In 2026 there have been 0 vulnerabilities in Jose4jproject Jose4j. Jose4j did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 6.50 |
| 2023 | 1 | 7.50 |
It may take a day or so for new Jose4j vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jose4jproject Jose4j Security Vulnerabilities
DoS in jose4j <0.9.4 via large PBES2 Count (CVE-2023-51775)
CVE-2023-51775
6.5 - Medium
- February 29, 2024
The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
Resource Exhaustion
jose4j <0.9.3: KDF iteration count can be reduced to <1000 (CVE-2023-31582)
CVE-2023-31582
7.5 - High
- October 25, 2023
jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less.
Insufficient Entropy
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jose4jproject Jose4j or by Jose4jproject? Click the Watch button to subscribe.
