CVE-2025-53864 | Connect2id Nimbus JOSE+JWT up to 10.0.1 JSON Object recursion

Inserito da Angelo Barbosa | Lug 11, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Connect2id Nimbus JOSE+JWT up to 10.0.1. Affected is an unknown function of the component JSON Object Handler. The manipulation leads to uncontrolled recursion.

This vulnerability is traded as CVE-2025-53864. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-53864 | Connect2id Nimbus JOSE+JWT up to 10.0.1 JSON Object recursion

Post correlati

CVE-2023-50030 | Jms Setting Module up to 1.1.0 on PrestaShop getSecondImgs sql injection

CVE-2024-6162 | Red Hat Undertow ajp-listener denial of service

CVE-2024-32038 | Wazuh up to 4.7.1 wazuh-analysisd heap-based overflow (GHSA-fcpw-v3pg-c327)

CVE-2024-41042 | Linux Kernel up to 6.9.9 netfilter nf_tables_check_loops stack-based overflow (9df785aeb7dc/cff3bd012a95)