Lucene search
GoogleOSV:GHSA-W799-PRG3-CX77HistoryMay 17, 2022 - 3:02 a.m.
python-jose failure to use a constant time comparison for HMAC keys
2022-05-1703:02:29
Google
osv.dev
2
0.003 Low
EPSS
Percentile
70.5%
python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys.
| CPE | Name | Operator | Version |
|---|---|---|---|
| python-jose | eq | 0.5.2 | |
| python-jose | eq | 1.3.0 | |
| python-jose | eq | 0.5.1 | |
| python-jose | eq | 0.1.0 | |
| python-jose | eq | 0.1.5 | |
| python-jose | eq | 0.5.6 | |
| python-jose | eq | 0.1.1 | |
| python-jose | eq | 0.3.0 | |
| python-jose | eq | 0.5.3 | |
| python-jose | eq | 0.1.4 |
Related
debiancve
debiancve
CVE-2016-7036
2017-01-23 21:59:02
osv
osv
PYSEC-2017-28
2017-01-23 21:59:00
CVE-2016-7036
2017-01-23 21:59:02
github
github
python-jose failure to use a constant time comparison for HMAC keys
2022-05-17 03:02:29
veracode
veracode
Timing Attack Via Authentication
2017-01-24 02:22:04
cvelist
cvelist
CVE-2016-7036
2017-01-23 21:00:00
cve
cve
CVE-2016-7036
2017-01-23 21:59:02
nvd
nvd
CVE-2016-7036
2017-01-23 21:59:02
prion
prion
Code injection
2017-01-23 21:59:00