Ubuntu Security Notice 6307-1 - It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. An attacker could use this to cause a denial of service or might expose sensitive information.
0fe1a24114e00e5ae9f25a559d718911b8f95a69aeb879b5dabc16383b1d3100
Debian Linux Security Advisory 5472-1 - It was discovered that an incorrect implementation of AES GCM decryption in cjose, a C library implementing the JOSE standard may allow an attacker to provide a truncated Authentication Tag and modify the JWE object.
e815ed796d98716daec24718d9f1e8fca1f08e0f4680903994da1dabbc41af77
Red Hat Security Advisory 2023-4429-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
84e4fa4c9b723f028eda570601609ad7ebfc7fe269bbe166be52f190e0c0e177
Red Hat Security Advisory 2023-4417-01 - CJose is C library implementing the Javascript Object Signing and Encryption.
22c3bb74d9c2e542f865f639c88c79b425277c88a060f4e27bf5dbe20a578efb
Red Hat Security Advisory 2023-4418-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
0a1d5bf1e533e63b02c6e841cbe1f36306457fe7553ff9cafa89fb500b756835
Red Hat Security Advisory 2023-4411-01 - CJose is C library implementing the Javascript Object Signing and Encryption.
dccddcd552f7680d2e72aefb3cffd84471aa6a23a83e150e4d8ca50f00633b60
Red Hat Security Advisory 2023-4410-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
962a03700cdaf2b77f70083e13671a7f51883c7dd8caf31e5fcb70c908ba55ca
Red Hat Security Advisory 2023-4409-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
40ffbac1f3fe480270dd9f44f9d7529da5cc4f57c4e56941745de21f93adbf30
Red Hat Security Advisory 2023-4408-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
1efff2ead8b420c3c676224349d5410ab7d79630c905f83d260e8b9095357348