Package impact
PyPI / jwcrypto
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-6681 | medium | — | 5.5 | 2y ago | RHSA-2024:3267: idm:DL1 and idm:client security update (Moderate) | |||
| CVE-2024-28102 | medium | — | 5.5 | 2y ago | RHSA-2024:3267: idm:DL1 and idm:client security update (Moderate) | |||
| CVE-2022-3102 | medium | — | 5.5 | 4y ago | jwcrypto token substitution can lead to authentication bypass | |||
| CVE-2016-6298 | medium | 5.3 | 5.3 | 10y ago | The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain clearte… | |||
| CVE-2026-39373 | low | — | 2.5 | 17d ago | Low: python-jwcrypto security update |