Debian Linux Security Advisory 5472-1 - It was discovered that an incorrect implementation of AES GCM decryption in cjose, a C library implementing the JOSE standard may allow an attacker to provide a truncated Authentication Tag and modify the JWE object.
e815ed796d98716daec24718d9f1e8fca1f08e0f4680903994da1dabbc41af77