[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-29371":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":37,"duplicate_of":9,"upstream":39,"downstream":40,"duplicates":51,"related":52,"reserved_at":9,"published_at":64,"modified_at":65,"state":66,"summary":67,"references_raw":75,"kevs":99,"epss":100,"epss_history":103,"metrics":376,"affected":386},"CVE-2024-29371","In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-1259","Improper Restriction of Security Token Assignment","The System-On-A-Chip (SoC) implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens are improperly protected.","weakness","Incomplete","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-121","Exploit Non-Production Interfaces",[],{"id":24,"name":25,"techniques":26},"CAPEC-681","Exploitation of Improperly Controlled Hardware Security Identifiers",[],[28],{"_key":29,"name":30,"source":31,"url":32,"maturity":33,"reliability_score":34,"verified":35,"type":9,"platforms":36,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_203BC4918093211E","Exploit Reference (bitbucket.org)","reference","https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack","unknown",0.2,false,[],[38],"GHSA-3677-xxcr-wjqv",[],[41,43,45,47,49],{"_key":42},"SUSE-SU-2026:1010-1",{"_key":44},"DEBIAN-CVE-2024-29371",{"_key":46},"UBUNTU-CVE-2024-29371",{"_key":48},"RHSA-2024:5479",{"_key":50},"RHSA-2024:5481",[],[53,54,56,58,60,62],{"_key":42},{"_key":55},"CGA-23CC-93GV-875J",{"_key":57},"CGA-7WX6-QMQ7-WVGP",{"_key":59},"CGA-88RQ-QCFV-CVWG",{"_key":61},"CGA-J26W-9R84-M769",{"_key":63},"CGA-5HVW-2376-3QWP","2025-12-17T00:00:00.000Z","2026-01-23T19:28:10.386Z","Modified",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":68,"epss_score":69,"severity":70,"severity_score":71,"severity_version":72,"severity_source":73,"severity_vector":74,"severity_status":66},"low",0.00021,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[76,85,90,94],{"url":32,"sources":77,"tags":80},[73,78,79],"nvd","osv_maven",[81,82,83,84],"Exploit","Issue Tracking","Mitigation","WEB",{"url":86,"sources":87,"tags":88},"https://nvd.nist.gov/vuln/detail/CVE-2024-29371",[79],[89],"Advisory",{"url":91,"sources":92,"tags":93},"https://bitbucket.org/b_c/jose4j/commits/19a90a64c47bb07c4aa5462f1316d5c293d81fcf",[79],[84],{"url":95,"sources":96,"tags":97},"https://bitbucket.org/b_c/jose4j/wiki/Home",[79],[98],"PACKAGE",[],{"date":101,"score":69,"percentile":102},"2026-06-05",0.06171,[104,108,111,114,117,120,124,127,130,133,136,139,142,145,148,151,154,157,160,163,167,170,173,176,179,182,185,187,190,193,196,199,203,206,209,212,215,218,221,224,227,229,233,236,239,241,244,247,250,253,256,259,262,265,268,271,274,277,280,283,286,289,292,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,341,343,346,349,352,355,358,361,364,367,370,373],{"date":105,"score":106,"percentile":107},"2025-12-18",0.00023,0.05646,{"date":109,"score":106,"percentile":110},"2025-12-19",0.05639,{"date":112,"score":106,"percentile":113},"2025-12-20",0.05636,{"date":115,"score":106,"percentile":116},"2025-12-21",0.05624,{"date":118,"score":106,"percentile":119},"2025-12-22",0.05576,{"date":121,"score":122,"percentile":123},"2025-12-23",0.00031,0.08303,{"date":125,"score":122,"percentile":126},"2025-12-24",0.08315,{"date":128,"score":122,"percentile":129},"2025-12-25",0.08392,{"date":131,"score":122,"percentile":132},"2025-12-26",0.08395,{"date":134,"score":122,"percentile":135},"2025-12-27",0.08387,{"date":137,"score":122,"percentile":138},"2025-12-28",0.08398,{"date":140,"score":122,"percentile":141},"2025-12-29",0.08379,{"date":143,"score":122,"percentile":144},"2025-12-30",0.08343,{"date":146,"score":122,"percentile":147},"2025-12-31",0.08381,{"date":149,"score":122,"percentile":150},"2026-01-01",0.08447,{"date":152,"score":122,"percentile":153},"2026-01-02",0.08443,{"date":155,"score":122,"percentile":156},"2026-01-03",0.08439,{"date":158,"score":122,"percentile":159},"2026-01-04",0.08373,{"date":161,"score":122,"percentile":162},"2026-01-05",0.08322,{"date":164,"score":165,"percentile":166},"2026-01-06",0.00033,0.09225,{"date":168,"score":165,"percentile":169},"2026-01-07",0.09258,{"date":171,"score":165,"percentile":172},"2026-01-08",0.09319,{"date":174,"score":165,"percentile":175},"2026-01-09",0.09337,{"date":177,"score":165,"percentile":178},"2026-01-10",0.09355,{"date":180,"score":165,"percentile":181},"2026-01-11",0.09308,{"date":183,"score":165,"percentile":184},"2026-01-12",0.09288,{"date":186,"score":165,"percentile":169},"2026-01-13",{"date":188,"score":165,"percentile":189},"2026-01-14",0.09312,{"date":191,"score":165,"percentile":192},"2026-01-15",0.09321,{"date":194,"score":165,"percentile":195},"2026-01-16",0.0936,{"date":197,"score":165,"percentile":198},"2026-01-17",0.09369,{"date":200,"score":201,"percentile":202},"2026-01-18",0.00036,0.10436,{"date":204,"score":201,"percentile":205},"2026-01-19",0.10389,{"date":207,"score":201,"percentile":208},"2026-01-20",0.10363,{"date":210,"score":201,"percentile":211},"2026-01-21",0.10329,{"date":213,"score":201,"percentile":214},"2026-01-22",0.10323,{"date":216,"score":201,"percentile":217},"2026-01-23",0.10418,{"date":219,"score":201,"percentile":220},"2026-01-24",0.1047,{"date":222,"score":201,"percentile":223},"2026-01-25",0.10426,{"date":225,"score":201,"percentile":226},"2026-01-26",0.1038,{"date":228,"score":201,"percentile":208},"2026-01-27",{"date":230,"score":231,"percentile":232},"2026-01-28",0.00049,0.15183,{"date":234,"score":231,"percentile":235},"2026-01-29",0.15172,{"date":237,"score":231,"percentile":238},"2026-01-30",0.15163,{"date":240,"score":231,"percentile":232},"2026-01-31",{"date":242,"score":231,"percentile":243},"2026-02-01",0.15164,{"date":245,"score":231,"percentile":246},"2026-02-02",0.15111,{"date":248,"score":231,"percentile":249},"2026-02-03",0.15086,{"date":251,"score":231,"percentile":252},"2026-02-04",0.15075,{"date":254,"score":231,"percentile":255},"2026-02-05",0.15114,{"date":257,"score":231,"percentile":258},"2026-02-06",0.15138,{"date":260,"score":231,"percentile":261},"2026-02-07",0.15158,{"date":263,"score":231,"percentile":264},"2026-02-08",0.15117,{"date":266,"score":231,"percentile":267},"2026-02-09",0.15084,{"date":269,"score":231,"percentile":270},"2026-02-10",0.15013,{"date":272,"score":231,"percentile":273},"2026-02-11",0.15056,{"date":275,"score":231,"percentile":276},"2026-02-12",0.15088,{"date":278,"score":231,"percentile":279},"2026-02-13",0.15091,{"date":281,"score":231,"percentile":282},"2026-02-14",0.15028,{"date":284,"score":231,"percentile":285},"2026-02-15",0.15009,{"date":287,"score":231,"percentile":288},"2026-02-16",0.14974,{"date":290,"score":231,"percentile":291},"2026-02-17",0.14945,{"date":293,"score":294,"percentile":295},"2026-02-18",0.00019,0.04502,{"date":297,"score":294,"percentile":298},"2026-02-19",0.04563,{"date":300,"score":294,"percentile":301},"2026-02-20",0.04522,{"date":303,"score":294,"percentile":304},"2026-02-21",0.04532,{"date":306,"score":294,"percentile":307},"2026-02-22",0.04529,{"date":309,"score":294,"percentile":310},"2026-02-23",0.04842,{"date":312,"score":294,"percentile":313},"2026-02-24",0.04829,{"date":315,"score":294,"percentile":316},"2026-02-25",0.04801,{"date":318,"score":294,"percentile":319},"2026-02-26",0.04765,{"date":321,"score":294,"percentile":322},"2026-02-27",0.04833,{"date":324,"score":294,"percentile":325},"2026-02-28",0.0482,{"date":327,"score":294,"percentile":328},"2026-03-01",0.04889,{"date":330,"score":294,"percentile":331},"2026-03-02",0.04925,{"date":333,"score":294,"percentile":334},"2026-03-03",0.04939,{"date":336,"score":294,"percentile":337},"2026-03-04",0.04818,{"date":339,"score":294,"percentile":340},"2026-03-05",0.04871,{"date":342,"score":294,"percentile":310},"2026-03-06",{"date":344,"score":294,"percentile":345},"2026-03-07",0.04851,{"date":347,"score":294,"percentile":348},"2026-03-08",0.04853,{"date":350,"score":294,"percentile":351},"2026-03-09",0.04832,{"date":353,"score":294,"percentile":354},"2026-03-10",0.04836,{"date":356,"score":294,"percentile":357},"2026-03-11",0.04845,{"date":359,"score":294,"percentile":360},"2026-03-12",0.04866,{"date":362,"score":294,"percentile":363},"2026-03-13",0.04867,{"date":365,"score":294,"percentile":366},"2026-03-14",0.04831,{"date":368,"score":294,"percentile":369},"2026-03-15",0.04816,{"date":371,"score":294,"percentile":372},"2026-03-16",0.04812,{"date":374,"score":294,"percentile":375},"2026-03-17",0.04808,[377,382,384],{"source":73,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":378,"cvss_v4_0":9},{"baseScore":71,"baseSeverity":379,"vectorString":74,"impactScore":380,"exploitabilityScore":381},"HIGH",6,10,{"source":78,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":383,"cvss_v4_0":9},{"baseScore":71,"baseSeverity":379,"vectorString":74,"impactScore":380,"exploitabilityScore":381},{"source":79,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":385,"cvss_v4_0":9},{"baseScore":71,"baseSeverity":9,"vectorString":74,"impactScore":380,"exploitabilityScore":381},[387,398],{"ecosystem":9,"name":388,"vendor":389,"product":388,"cpe_part":390,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":391},"jose4j","jose4j_project","a",[392],{"version":393,"is_range":394,"range_type":395,"version_start":9,"version_start_type":9,"version_end":396,"version_end_type":397,"fixed_in":9},"lt0.9.5",true,"cpe","0.9.5","excluding",{"ecosystem":399,"name":400,"vendor":401,"product":388,"cpe_part":9,"purl_type":402,"purl_namespace":401,"purl_name":388,"source":9,"versions":403},"Maven","org.bitbucket.b_c:jose4j","org.bitbucket.b_c","maven",[404],{"version":405,"is_range":394,"range_type":406,"version_start":9,"version_start_type":9,"version_end":407,"version_end_type":397,"fixed_in":9},"lt0_9_6","ecosystem","0.9.6"]