| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2017-12974 |
high |
7.5 |
7.5 |
9y ago |
Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT |
|
| CVE-2017-12972 |
high |
7.5 |
7.5 |
9y ago |
Nimbus JOSE+JWT missing overflow check |
|
| CVE-2017-12973 |
low |
3.1 |
3.1 |
9y ago |
Nimbus JOSE+JWT vulnerable to padding oracle attack |
|
| CVE-2025-53864 |
unknown |
— |
— |
11mo ago |
Nimbus JOSE + JWT is vulnerable to DoS attacks when processing deeply nested JSON |
|
| CVE-2023-52428 |
unknown |
— |
— |
2y ago |
Denial of Service in Connect2id Nimbus JOSE+JWT |
|
| CVE-2019-17195 |
unknown |
— |
— |
7y ago |
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT |
|