jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less. https://bitbucket.org/b_c/jose4j/issues/203/insecure-support-of-setting-pbe-less-then https://github.com/KANIXB/JWTIssues/blob/main/jose4j%20issue.md
This issue has been addressed in the following products: Red Hat Data Grid 8.4.6 Via RHSA-2023:7676 https://access.redhat.com/errata/RHSA-2023:7676
This issue has been addressed in the following products: Red Hat AMQ Streams 2.6.0 Via RHSA-2023:7678 https://access.redhat.com/errata/RHSA-2023:7678
This issue has been addressed in the following products: Red Hat build of Quarkus 2.13.9 Via RHSA-2023:7700 https://access.redhat.com/errata/RHSA-2023:7700