| Reporter | Title | Published | Views | Family All 156 |
|---|---|---|---|---|
| Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition | 17 Dec 202509:51 | – | ibm | |
| Security Bulletin: authlib-cve202437568-sec-bypass | 2 Aug 202407:51 | – | ibm | |
| Security Bulletin: Authlib JOSE Denial of Service via Unbounded JWS or JWT Header and Signature Parsing, affects watsonx.data | 10 Feb 202616:39 | – | ibm | |
| The vulnerability of the JOSE library Authlib implementation for OAuth and OpenID Connect servers allows a perpetrator to induce a service failure. | 23 Mar 202600:00 | – | bdu_fstec | |
| CVE-2025-59420 vulnerabilities | 25 Sep 202501:34 | – | cgr | |
| CVE-2025-61920 vulnerabilities | 16 Oct 202507:17 | – | cgr | |
| CVE-2025-62706 vulnerabilities | 7 Jan 202601:30 | – | cgr | |
| CVE-2025-59420 | 20 Sep 202508:10 | – | circl | |
| CVE-2025-61920 | 10 Oct 202502:28 | – | circl | |
| CVE-2025-62706 | 10 Oct 202502:29 | – | circl |
#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-4352. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('compat.inc');
if (description)
{
script_id(271941);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/29");
script_cve_id(
"CVE-2024-37568",
"CVE-2025-59420",
"CVE-2025-61920",
"CVE-2025-62706"
);
script_name(english:"Debian dla-4352 : python-authlib-doc - security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
script_set_attribute(attribute:"description", value:
"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the
dla-4352 advisory.
-------------------------------------------------------------------------
Debian LTS Advisory DLA-4352-1 [email protected]
https://www.debian.org/lts/security/ Daniel Leidert
October 29, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------
Package : python-authlib
Version : 0.15.4-1+deb11u1
CVE ID : CVE-2024-37568 CVE-2025-59420 CVE-2025-61920 CVE-2025-62706
Multiple vulnerabilities have been found in python-authlib, a Python
library for OAuth and OpenID Connect servers.
CVE-2024-37568
Unless an algorithm is specified in a jwt.decode call, HMAC verification
is allowed with any asymmetric public key.
CVE-2025-59420
Authlibs JWS verification accepts tokens that declare unknown critical
header parameters (crit), violating RFC 7515 mustunderstand semantics.
An attacker can craft a signed token with a critical header that strict
verifiers reject but Authlib accepts. In mixedlanguage fleets, this
enables splitbrain verification and can lead to policy bypass, replay,
or privilege escalation.
CVE-2025-61920
Authlibs JOSE implementation accepts unbounded JWS/JWT header and
signature segments which can lead to a DoS during verification.
CVE-2025-62706
Authlibs JWE zip=DEF path performs unbounded DEFLATE decompression
which can lead to a DoS.
For Debian 11 bullseye, these problems have been fixed in version
0.15.4-1+deb11u1.
We recommend that you upgrade your python-authlib packages.
For the detailed security status of python-authlib please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-authlib
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: This is a digitally signed message part
Tenable has extracted the preceding description block directly from the Debian security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://security-tracker.debian.org/tracker/source-package/python-authlib
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1ee877aa");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2024-37568");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-59420");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-61920");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-62706");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/bullseye/python-authlib");
script_set_attribute(attribute:"solution", value:
"Upgrade the python-authlib-doc packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-37568");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/06/09");
script_set_attribute(attribute:"patch_publication_date", value:"2025/10/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/10/29");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python-authlib-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python3-authlib");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(11)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);
var pkgs = [
{'release': '11.0', 'prefix': 'python-authlib-doc', 'reference': '0.15.4-1+deb11u1'},
{'release': '11.0', 'prefix': 'python3-authlib', 'reference': '0.15.4-1+deb11u1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var _release = NULL;
var prefix = NULL;
var reference = NULL;
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (_release && prefix && reference) {
if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : deb_report_get()
);
exit(0);
}
else
{
var tested = deb_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-authlib-doc / python3-authlib');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation