Known Vulnerabilities for products from Go-jose Project
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Go-jose Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34986 json | Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support ... | Not Provided | 2026-04-06 | 2026-05-04 |
| CVE-2016-9123 json | go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to auth... | Not Provided | 2017-03-28 | 2025-04-20 |
| CVE-2016-9122 json | go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signa... | Not Provided | 2017-03-28 | 2025-04-20 |
| CVE-2016-9121 json | go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES... | Not Provided | 2017-03-28 | 2025-04-20 |
Known software with vulnerabilities from Go-jose Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Go-jose Project | Go-jose | 1.0.0 |