AVG-2797 log
| Package | python-jwcrypto |
| Status | Fixed |
| Severity | Medium |
| Type | authentication bypass |
| Affected | 1.3.1-1 |
| Fixed | 1.4.0-1 |
| Current | 1.5.6-5 [extra] |
| Ticket | None |
| Created | Wed Sep 14 12:09:56 2022 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2022-3102 | Medium | Yes | Authentication bypass | The JWT code can auto-detect the type of token being provided, and this can lead the application to incorrect conclusions about the trustworthiness of the... |