FLAT-R748Y (CVE-2026-22748)
Lack of data validation In org.springframework.security:spring-security-oauth2-jose
3.9
Low
Ecosystem: Maven
Package: org.springframework.security:spring-security-oauth2-jose
FLAT-GH3D4 (CVE-2026-34986)
Asymmetric denial of service In golang-gopkg-square-go-jose.v2
6.3
Medium
Ecosystem: Debian
Package: golang-gopkg-square-go-jose.v2
FLAT-J13U8 (CVE-2026-34240)
Lack of data validation In jose
7.8
High
Ecosystem: Pub
Package: jose
FLAT-3OEIQ (CVE-2026-27932)
Asymmetric denial of service In joserfc
6.3
Medium
Ecosystem: Debian
Package: joserfc
FLAT-Z2933 (GHSA-88q6-jcjg-hvmw)
Insecure encryption algorithm In github.com/beatt83/jose-swift
8.0
High
Ecosystem: SwiftURL
Package: github.com/beatt83/jose-swift
FLAT-YSW4O (CVE-2024-29371)
Insecurely generated token In org.bitbucket.b_c:jose4j
7.7
High
Ecosystem: Maven
Package: org.bitbucket.b_c:jose4j
FLAT-SBUZZ (CVE-2024-29370)
Asymmetric denial of service In python-jose
0.0
None
Ecosystem: PyPI
Package: python-jose
FLAT-0F3BI (CVE-2025-65015)
Inadequate file size control In joserfc
7.7
High
Ecosystem: Debian
Package: joserfc
FLAT-HUKRC (CVE-2025-63811)
Asymmetric denial of service In golang-github-dvsekhvalnov-jose2go
7.7
High
Ecosystem: Debian
Package: golang-github-dvsekhvalnov-jose2go
FLAT-KW6RU (MAL-2025-171421)
Use of software with malware In josephphillips
5.2
Medium
Ecosystem: Npm
Package: josephphillips
FLAT-1QEKV (MAL-2025-171420)
Use of software with malware In josecarvalho
5.2
Medium
Ecosystem: Npm
Package: josecarvalho
FLAT-D56HY (CVE-2025-45767)
Insecure encryption algorithm In node-jose
0.6
Low
Ecosystem: Debian
Package: node-jose
FLAT-C314W (CVE-2025-53864)
Improper resource allocation In com.nimbusds:nimbus-jose-jwt
2.7
Low
Ecosystem: Maven
Package: com.nimbusds:nimbus-jose-jwt
FLAT-LPUNH (MAL-2025-2630)
Use of software with malware In @ofjaaah/jose2
5.2
Medium
Ecosystem: Npm
Package: @ofjaaah/jose2
FLAT-MUKBI (CVE-2025-27144)
Improper resource allocation In github.com/square/go-jose
2.7
Low
Ecosystem: Go
Package: github.com/square/go-jose
FLAT-3W87F (DLA-4060-1)
Lack of data validation In djoser
1.3
Low
Ecosystem: Debian
Package: djoser
FLAT-DLM5Z (CVE-2024-21543)
Authentication mechanism absence or evasion In djoser
5.0
Medium
Ecosystem: PyPI
Package: djoser
FLAT-ED8N9 (CVE-2024-32007)
Lack of data validation In org.apache.cxf:cxf-rt-rs-security-jose
2.7
Low
Ecosystem: Maven
Package: org.apache.cxf:cxf-rt-rs-security-jose
FLAT-O1LD9 (MAL-2024-4373)
Use of software with malware In blосkcore.jose
5.2
Medium
Ecosystem: NuGet
Package: blосkcore.jose
FLAT-BO2BS (MAL-2024-2181)
Use of software with malware In down_load_ebook_gelassenheit_durch_stoizismus_by_josef_moser_vbg8g
5.2
Medium
Ecosystem: Npm
Package: down_load_ebook_gelassenheit_durch_stoizismus_by_josef_moser_vbg8g
FLAT-JRVNS (MAL-2024-2174)
Use of software with malware In down_load_ebook_de_kracht_in_jezelf_by_joseph_murphy_gnus5
5.2
Medium
Ecosystem: Npm
Package: down_load_ebook_de_kracht_in_jezelf_by_joseph_murphy_gnus5
FLAT-B2MYH (GHSA-4rr6-gf59-ggw5)
Insufficient data authenticity validation In namshi/jose
1.3
Low
Ecosystem: Packagist
Package: namshi/jose
FLAT-KNT1Z (GHSA-hxhc-wmg8-xrqf)
Improper authorization control for web services In namshi/jose
2.7
Low
Ecosystem: Packagist
Package: namshi/jose
FLAT-C7JXS (GHSA-9gxv-x7rp-r2hc)
Insufficient data authenticity validation In gree/jose
1.3
Low
Ecosystem: Packagist
Package: gree/jose
FLAT-2BYGM (CVE-2024-33663)
Insecure encryption algorithm In python-jose
8.0
High
Ecosystem: PyPI
Package: python-jose
FLAT-H8THT (CVE-2024-33664)
Asymmetric denial of service In python-jose
2.7
Low
Ecosystem: PyPI
Package: python-jose
FLAT-UBCXR (CVE-2023-50967)
Asymmetric denial of service In jose
6.6
Medium
Ecosystem: Debian
Package: jose
FLAT-EE232 (CVE-2023-50966)
Asymmetric denial of service In jose
2.7
Low
Ecosystem: Hex
Package: jose
FLAT-W707X (CVE-2024-28180)
Excessive privileges In golang-gopkg-square-go-jose.v2
1.3
Low
Ecosystem: Debian
Package: golang-gopkg-square-go-jose.v2
FLAT-CYEJG (CVE-2023-50658)
Asymmetric denial of service In github.com/dvsekhvalnov/jose2go
6.6
Medium
Ecosystem: Go
Package: github.com/dvsekhvalnov/jose2go
FLAT-TGBWD (CVE-2023-51775)
Asymmetric denial of service In org.bitbucket.b_c:jose4j
4.9
Medium
Ecosystem: Maven
Package: org.bitbucket.b_c:jose4j
FLAT-2XVE0 (CVE-2023-52428)
Asymmetric denial of service In com.nimbusds:nimbus-jose-jwt
6.6
Medium
Ecosystem: Maven
Package: com.nimbusds:nimbus-jose-jwt
FLAT-IO90K (GHSA-mhpq-9638-x6pw)
Asymmetric denial of service In github.com/dvsekhvalnov/jose2go
0.0
None
Ecosystem: Go
Package: github.com/dvsekhvalnov/jose2go
FLAT-JKHA1 (GHSA-2c7c-3mj9-8fqh)
Improper resource allocation In github.com/square/go-jose
2.7
Low
Ecosystem: Go
Package: github.com/square/go-jose
FLAT-RY9PH (CVE-2023-31582)
Insecure encryption algorithm In org.bitbucket.b_c:jose4j
4.9
Medium
Ecosystem: Maven
Package: org.bitbucket.b_c:jose4j
FLAT-5V6V2 (DSA-5472-1)
Lack of data validation In cjose
1.3
Low
Ecosystem: Debian
Package: cjose
FLAT-SL895 (DLA-3515-1)
Lack of data validation In cjose
1.3
Low
Ecosystem: Debian
Package: cjose
FLAT-3A2LB (CVE-2023-37464)
Lack of data validation In cjose
6.6
Medium
Ecosystem: Debian
Package: cjose
FLAT-VCGFL (GHSA-jgvc-jfgh-rjvv)
Insecure encryption algorithm In org.bitbucket.b_c:jose4j
0.6
Low
Ecosystem: Maven
Package: org.bitbucket.b_c:jose4j
FLAT-DSNQX (CVE-2023-25653)
Inappropriate coding practices In node-jose
6.6
Medium
Ecosystem: Npm
Package: node-jose
FLAT-ATUOR (CVE-2022-36083)
Improper resource allocation In jose
2.7
Low
Ecosystem: Npm
Package: jose
FLAT-HHN6D (MAL-2022-4046)
Use of software with malware In jose-cookbook
5.2
Medium
Ecosystem: Npm
Package: jose-cookbook
FLAT-HQ8T7 (CVE-2016-5431)
Insecure encryption algorithm In gree/jose
6.6
Medium
Ecosystem: Packagist
Package: gree/jose
FLAT-ZQ0X4 (CVE-2016-7036)
Lack of data validation - Path Traversal In python-jose
6.3
Medium
Ecosystem: PyPI
Package: python-jose
FLAT-7Z6YR (CVE-2017-12973)
Missing subresource integrity check In com.nimbusds:nimbus-jose-jwt
0.6
Low
Ecosystem: Maven
Package: com.nimbusds:nimbus-jose-jwt
FLAT-IAGQO (CVE-2017-12974)
Insecure digital certificates In com.nimbusds:nimbus-jose-jwt
6.6
Medium
Ecosystem: Maven
Package: com.nimbusds:nimbus-jose-jwt
FLAT-ALCA1 (CVE-2017-12972)
Insufficient data authenticity validation In com.nimbusds:nimbus-jose-jwt
6.6
Medium
Ecosystem: Maven
Package: com.nimbusds:nimbus-jose-jwt
FLAT-2ECQ4 (CVE-2018-0114)
Insufficient data authenticity validation In node-jose
6.6
Medium
Ecosystem: Npm
Package: node-jose
FLAT-RH4A0 (CVE-2016-9121)
Insecure encryption algorithm In gopkg.in/square/go-jose.v1
8.0
High
Ecosystem: Go
Package: gopkg.in/square/go-jose.v1
FLAT-QQD84 (CVE-2016-9123)
Out-of-bounds read In github.com/square/go-jose
6.6
Medium
Ecosystem: Go
Package: github.com/square/go-jose
FLAT-BAOX1 (CVE-2016-9122)
Improper authorization control for web services In gopkg.in/square/go-jose.v1
6.6
Medium
Ecosystem: Go
Package: gopkg.in/square/go-jose.v1
FLAT-ROT02 (CVE-2021-29446)
Insecure functionality In jose-node-cjs-runtime
4.6
Medium
Ecosystem: Npm
Package: jose-node-cjs-runtime
FLAT-QUIFD (CVE-2021-29445)
Insecure functionality In jose-node-esm-runtime
4.6
Medium
Ecosystem: Npm
Package: jose-node-esm-runtime
FLAT-BDN2V (CVE-2021-29444)
User enumeration In jose-browser-runtime
4.6
Medium
Ecosystem: Npm
Package: jose-browser-runtime
FLAT-F5ZX9 (CVE-2021-29443)
Insecure functionality In jose
4.6
Medium
Ecosystem: Npm
Package: jose
FLAT-36UES (GHSA-h6wq-jw7q-grxv)
Business information leak In org.bitbucket.b_c:jose4j
0.0
None
Ecosystem: Maven
Package: org.bitbucket.b_c:jose4j
FLAT-BWEXB (CVE-2019-17195)
Insecure deserialization In com.nimbusds:nimbus-jose-jwt
8.1
High
Ecosystem: Maven
Package: com.nimbusds:nimbus-jose-jwt
FLAT-J72D9 (CVE-2017-16007)
Sensitive information sent insecurely In node-jose
4.6
Medium
Ecosystem: Npm
Package: node-jose