Vulnerabilities > Connect2Id > Nimbus Jose JWT > 8.4

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-11	CVE-2023-52428	Unspecified vulnerability in Connect2Id Nimbus Jose+Jwt In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component. network low complexity connect2id	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.