jose

1.11.12

1.11.12 1.11.11 1.11.10 1.11.9 1.11.8 1.11.7 1.11.6 1.11.5 1.11.4 1.11.2 1.11.1 1.11.0 1.10.1 1.10.0 1.9.0 1.8.4 1.8.3 1.8.2 1.8.1 1.8.0 1.7.9 1.7.8 1.7.7 1.7.6 1.7.5 1.7.4 1.7.3 1.7.2 1.7.1 1.7.0 1.6.1 1.6.0 1.5.2 1.5.1 1.5.0 1.4.2 1.4.1 1.4.0 1.3.0 1.2.0 1.1.3 1.1.2 1.1.1 1.1.0 1.0.1 1.0.0

JSON Object Signing and Encryption (JOSE) for Erlang and Elixir.

HexDocs HexPreview

Current section

1 Advisory

Jump to

Readme 46 Versions 0 Dependencies 127 Dependants 1 Advisory Activity

GHSA-9mg4-v392-8j68 CVE-2023-50966

erlang-jose vulnerable to denial of service via large p2c value

March 19, 2024

CVSS

5.3 / 10.0 Medium

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Versions

< 1.11.7

References

https://github.com/P3ngu1nW/CVE_Request/blob/main/erlang-jose.md
https://github.com/potatosalad/erlang-jose
https://github.com/potatosalad/erlang-jose/commit/718d213f07b08056737923f8063d5df56dcb66ae
https://hexdocs.pm/jose/JOSE.html
https://nvd.nist.gov/vuln/detail/CVE-2023-50966

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions

this version

1 754 095

yesterday

11 183

last 7 days

214 878

all time

109 235 756

Last Updated

Nov 20, 2025

License

MIT

Build Tools

mix rebar3

Publisher

potatosalad

Owners

ericmj
potatosalad

Operator	Description	Example
name:	Match package name. Supports * wildcards and repo/package form	name:phx* or name:hexpm/phoenix
description:	Full-text search of package descriptions	description:auth
depends:	Packages depending on a given package. Supports repo:package form	depends:ecto or depends:hexpm:ecto
build_tool:	Filter by build tool	build_tool:mix
updated_after:	Packages updated after an ISO8601 datetime	updated_after:2025-01-01T00:00:00Z
extra:	Match custom metadata (key,value). Nested keys are separated by commas	extra:license,MIT

jose

Checksum

Dependency Config

Package Details

Links

Owners

Search filters