pkg:PyPI/jwcrypto

All known vulnerabilities

• MEDIUM6.8CVE-2024-28102python-jwcrypto - security update
  from 0, < 1.5.6
• MEDIUM5.3CVE-2026-39373JWCrypto: JWE ZIP decompression bomb
  from 0, <= 1.5.6
• MEDIUM5.3CVE-2026-39373JWCrypto: JWE ZIP decompression bomb
  from 0, < 1.5.7
• MEDIUM5.3CVE-2023-6681DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value
  from 0, < 1.5.1
• MEDIUM5.3DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value
  from 0, < 1.5.1
• MEDIUM5.3jwcrypto lacks the Random Filling protection mechanism
  from 0, < eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba | from 0, < 0.4.0
• MEDIUM5.3jwcrypto lacks the Random Filling protection mechanism
  from 0, < 0.3.2
• —jwcrypto token substitution can lead to authentication bypass
  from 0, < 1.4