OsVault/npm/jose
npm

jose

10 known vulnerabilities · 0 critical · 1 high

CVE-2022-36083MEDIUM

JOSE vulnerable to resource exhaustion via specifically crafted JWE

Published Sep 16, 2022
CVE-2024-28176MEDIUM

jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext

Published Mar 7, 2024
CVE-2021-29443MEDIUM

Padding Oracle Attack due to Observable Timing Discrepancy in jose

Published Apr 19, 2021
CVE-2017-16007MEDIUM

Invalid Curve Attack in node-jose

Published Jul 20, 2018
CVE-2021-29446MEDIUM

Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime

Published Apr 19, 2021
CVE-2021-29444MEDIUM

Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime

Published Apr 19, 2021
CVE-2018-0114HIGH

Cisco node-jose improper validation of JWT signature

Published May 13, 2022
MAL-2022-4046

Malicious code in jose-cookbook (npm)

Published Jun 20, 2022
MAL-2025-2630

Malicious code in @ofjaaah/jose2 (npm)

Published Mar 25, 2025
CVE-2021-29445MEDIUM

Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime

Published Apr 19, 2021
Check your entire dependency tree at onceRun dependency scan →