Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

jwcrypto

pypi · Implementation of JOSE Web standards · Repository · Package

Security Advisories for jwcrypto in pypi

Moderate
over 1 year ago

JWCrypto vulnerable to JWT bomb Attack in `deserialize` function GSA_kwCzR0hTQS1qODU3LTdydnYtdmo5N84AA5zv

pypi jwcrypto
Moderate
almost 2 years ago

DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value GSA_kwCzR0hTQS1jdzJyLTRwODItcXY3Oc4AA4Dz

pypi jwcrypto
Moderate
about 3 years ago

jwcrypto token substitution can lead to authentication bypass GSA_kwCzR0hTQS1nd3A0LW1jdjQtdzk1as4AAu95

pypi jwcrypto
Moderate
over 3 years ago

jwcrypto lacks the Random Filling protection mechanism GSA_kwCzR0hTQS13ZzMzLXg5MzQtM2doaM4AAc86

pypi jwcrypto

Filter by Severity

Moderate 4