Low Iteration Count Vulnerability in jose4j (before v0.9.3)

Low Iteration Count Vulnerability in jose4j (before v0.9.3)

CVE-2023-31582 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less.

Learn more about our Web Application Penetration Testing UK.