Lucene search

PyJWT vulnerable to key confusion attacks

🗓️ 13 May 2022 01:19:42Reported by GitHub Advisory DatabaseType

PyJWT key confusion vulnerabilit

Reporter	Title	Published	Views	Family All 26
Veracode	Key Confusion Attacks	16 Aug 201722:26	–	veracode
Tenable Nessus	Debian DSA-3979-1 : pyjwt - security update	20 Sep 201700:00	–	nessus
Tenable Nessus	Fedora 26 : python-jwt (2017-b9f07dfaca)	25 Sep 201700:00	–	nessus
Tenable Nessus	Fedora 27 : python-jwt (2017-0cc84101de)	15 Jan 201800:00	–	nessus
Tenable Nessus	Ubuntu 16.04 LTS : PyJWT vulnerability (USN-3407-1)	31 Aug 201700:00	–	nessus
Tenable Nessus	openSUSE Security Update : python3-PyJWT (openSUSE-2017-1178)	23 Oct 201700:00	–	nessus
OpenVAS	Fedora Update for python-jwt FEDORA-2017-b9f07dfaca	28 Sep 201700:00	–	openvas
OpenVAS	Debian: Security Advisory (DSA-3979-1)	18 Sep 201700:00	–	openvas
OpenVAS	Ubuntu: Security Advisory (USN-3407-1)	26 Oct 201800:00	–	openvas
Debian	[SECURITY] [DSA 3979-1] pyjwt security update	19 Sep 201720:55	–	debian

Vulners

Node

pyjwt_project pyjwtRange<1.5.1

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2017-11424
github	www.github.com/jpadilla/pyjwt/pull/277
debian	www.debian.org/security/2017/dsa-3979
github	www.github.com/pypa/advisory-database/tree/main/vulns/pyjwt/PYSEC-2017-24.yaml
github	www.github.com/advisories/GHSA-r9jw-mwhq-wp62

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 May 2022 01:42Current

3.7Low risk

Vulners AI Score3.7

CVSS25

CVSS37.5

EPSS0.00082