python-jwcrypto

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Python implementation of JWK, JWS, JWE specifications
Version 1.4.2-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2797 1.3.1-1 1.4.0-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2022-3102 AVG-2797 Medium Yes Authentication bypass
The JWT code can auto-detect the type of token being provided, and this can lead the application to incorrect conclusions about the trustworthiness of the...