CVE-2024-29371 — CVSS 7.5 (high): In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token…
CVE-2023-51775 — CVSS 6.5 (medium): The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2…