Security Overview · lestrrat-go/jwx · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Potential denial of service attack using compressed JWE message
GHSA-hj3v-m684-v259 published Mar 7, 2024 by lestrrat

Moderate
Parsing JSON serialized payload without protected field can lead to panic
GHSA-pvcr-v8j8-j5q3 published Jan 9, 2024 by lestrrat

Moderate
Malicious parameters in JWE can cause a DOS
GHSA-7f9x-gw85-8grf published Dec 3, 2023 by lestrrat

Moderate
Potential Padding Oracle Attack Vulnerability
GHSA-rm8v-mxj3-5rmq published Jun 14, 2023 by lestrrat

Moderate

Learn more about advisories related to lestrrat-go/jwx in the GitHub Advisory Database