Security: OpenIDC/cjose
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
all-zero Content Encryption Key used for AES-CBC-HMAC JWE encryptionGHSA-f6wf-pqg3-6wqq published
Jun 2, 2026 by zandbeltCritical -
Heap buffer overflow in AES Key Wrap decryption (A128KW/A192KW/A256KW)GHSA-75r7-f5cv-g3wj published
Jun 2, 2026 by zandbeltHigh -
disable RSA PKCS v1.5GHSA-6x73-979p-x9jr published
Apr 29, 2024 by zandbeltHigh -
incorrect Authentication Tag length usage in AES GCM decryptionGHSA-3rhg-3gf2-6xgj published
Jul 12, 2023 by zandbeltCritical
Learn more about advisories related to OpenIDC/cjose in the GitHub Advisory Database