PasswordBasedDecrypter must enforce a limit on the max allowed JWE p2c header value

Issue #526 resolved
Vladimir Dzhuvinov created an issue

No description provided.

Comments (3)

  1. Heshan Sudarshana

    @Vladimir Dzhuvinov Do you have any plans to backport this fix to the 8.x versions, since there are API-level changes when migrating to the 9.x versions that could affect existing implementations?

  2. Yavor Vasilev

    There are no plans to backport this fix to 8.x.

    We focus to do maintenance on the 9.x, which we use internally in our commercial products.

  3. Log in to comment