Skip to main content

Jwcrypto

2 CVEs product

Monthly

CVE-2024-28102 PyPI MEDIUM POC PATCH This Month

JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Python Denial Of Service Jwcrypto Debian Linux
NVD GitHub
CVSS 3.1
6.8
EPSS
1.0%
CVE-2016-6298 PyPI MEDIUM PATCH This Month

The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Jwcrypto
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Python Denial Of Service Jwcrypto +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Jwcrypto
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy