Upstream information

CVE-2023-50967 at MITRE

Description

latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

SUSE Bugzilla entry: 1221804 [NEW]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Liberty Linux 8
  • jose >= 10-2.el8_10.3
  • libjose >= 10-2.el8_10.3
  • libjose-devel >= 10-2.el8_10.3
Patchnames:
RHSA-2024:5294


SUSE Timeline for this CVE

CVE page created: Wed Mar 20 19:00:07 2024
CVE page last modified: Wed Aug 28 15:46:55 2024