Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

jwcrypto

pypi

Implementation of JOSE Web standards

View on github.com · View on pypi.org

Security Advisories for jwcrypto in pypi

Moderate
over 1 year ago

JWCrypto vulnerable to JWT bomb Attack in `deserialize` function GSA_kwCzR0hTQS1qODU3LTdydnYtdmo5N84AA5zv

pypi jwcrypto
Moderate
almost 2 years ago

DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value GSA_kwCzR0hTQS1jdzJyLTRwODItcXY3Oc4AA4Dz

pypi jwcrypto
Moderate
about 3 years ago

jwcrypto token substitution can lead to authentication bypass GSA_kwCzR0hTQS1nd3A0LW1jdjQtdzk1as4AAu95

pypi jwcrypto
Moderate
over 3 years ago

jwcrypto lacks the Random Filling protection mechanism GSA_kwCzR0hTQS13ZzMzLXg5MzQtM2doaM4AAc86

pypi jwcrypto

Filter by Severity

Moderate 4