Package impact
PyPI / jwcrypto
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-6681 | medium | — | 5.5 | 2y ago | Moderate: python-jwcrypto security update | |||
| CVE-2024-28102 | medium | — | 5.5 | 2y ago | Moderate: python-jwcrypto security update | |||
| CVE-2022-3102 | medium | — | 5.5 | 4y ago | jwcrypto token substitution can lead to authentication bypass | |||
| CVE-2016-6298 | medium | 5.3 | 5.3 | 10y ago | The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain clearte… |