Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE token.
References
Link | Resource |
---|---|
https://github.com/babelouest/rhonabwy/ | Third Party Advisory |
https://github.com/babelouest/rhonabwy/commit/b4c2923a1ba4fabf9b55a89244127e153a3e549b | Patch Third Party Advisory |
Configurations
Information
Published : 2022-07-13 09:15
Updated : 2022-07-26 04:24
NVD link : CVE-2022-32096
Mitre link : CVE-2022-32096
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
rhonabwy_project
- rhonabwy