Analyzed
about 8 hours
ago.
based on code collected
about 8 hours
ago.
Project Summary
The jose.4.j library is an Apache 2 licensed open source implementation of JWS, JWE, JWA and JWK from the IETF JOSE Working Group. It is written in Java and relies solely on the JCA APIs for cryptography.
In a Nutshell, jose4j...
- ...
- ...
-
...
has a well established, mature codebase
maintained by a small development team
with decreasing Y-O-Y commits -
...
took an estimated 8 years of effort (COCOMO model)
starting with its first commit in October, 2012
ending with its most recent commit 4 months ago
Quick Reference
https://bitbucket.org/b_c/jose4j
Project Security
Vulnerabilities per Version ( last 10 releases )
Project Vulnerability Report
Security Confidence Index
Poor security track-record
Favorable security track-record
Vulnerability Exposure Index
Many reported vulnerabilities
Few reported vulnerabilities
Did You Know...
-
...
nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
-
...
check out hot projects on the Open Hub
-
...
in 2016, 47% of companies did not have formal process in place to track OS code
-
...
learn about Open Hub updates and features on the Open Hub blog
30 Day SummaryAug 23 2025 — Sep 22 2025
|
12 Month SummarySep 22 2024 — Sep 22 2025
|
