Search by 
PKSA-815n-fyy9-rqkd Security Advisory
-
PBES2-HS*+A*KW unwrap accepts an unbounded p2c iteration count, enabling CPU-amplification denial of service
Affected package: web-token/jwt-framework
Affected version: <3.4.10|>=4.0.0,<4.0.7|>=4.1.0,<4.1.7
Reported by:
FriendsOfPHP/security-advisories