python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys.
CPE | Name | Operator | Version |
---|---|---|---|
python-jose | eq | 0.1.3 | |
python-jose | eq | 0.1.1 | |
python-jose | eq | 0.5.0 | |
python-jose | eq | 1.3.0 | |
python-jose | eq | 1.2.0 | |
python-jose | eq | 1.3.1 | |
python-jose | eq | 0.2.0 | |
python-jose | eq | 0.1.4 | |
python-jose | eq | 1.1.0 | |
python-jose | eq | 0.1.8 |