latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value. https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md https://github.com/latchset/jose
Created jose tracking bugs for this issue: Affects: fedora-all [bug 2270539]