21 matches found
Exploit for Authentication Bypass by Spoofing in Python-Jwt_Project Python-Jwt
CVE-2022-39227 JWT Authentication Bypass Demo Project Goal...
Atlassian Jira Service Management Data Center and Server 10.3.x < 10.3.14 / 11.0.x < 11.3.0 (JSDSERVER-16470)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16470 advisory. - ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to...
Prototype Pollution zrender Dependency in Jira Software Data Center and Server
This is a vulnerability in a non-Atlassian Jira Software dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability known as CVE-2021-39227 was introduced in 10.3.0 and 11.0.0 of Jira Software Data...
Prototype Pollution zrender Dependency in Jira Service Management Data Center and Server
This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability known as CVE-2022-39227 was introduced in 10.3.0 and 11.0.0 of Jira...
EUVD-2025-39227
Malicious code in vida-kue30-sukiwir npm...
CVE-2023-39227
Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could be abused by attackers to leak legitimate user’s credentials...
CVE-2023-39227 Softneta MedDream PACS Plaintext Storage of a Password
Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could be abused by attackers to leak legitimate user’s credentials...
CVE-2023-39227
CVE-2023-39227 affects Softneta MedDream PACS; the issue is plaintext storage of usernames and passwords (CWE-256) leading to credential leakage. Connected docs identify affected product and versions: MedDream PACS v7.2.8.810 and earlier. The root cause is insecure plaintext credential storage wi...
Softneta MedDream PACS Premium
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softneta Equipment: MedDream PACS Vulnerabilities: Exposed Dangerous Method or Function, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Exploit for Authentication Bypass by Spoofing in Python-Jwt_Project Python-Jwt
CVE-2022-39227 CVE-2022-39227 : Proof of Concept Proof of co...
CBL Mariner 2.0 Security Update: python-jwt (CVE-2022-39227)
The version of python-jwt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-39227 advisory. - python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject...
CVE-2022-39227 affecting package python-jwt for versions less than 2.4.0-2
CVE-2022-39227 affecting package python-jwt for versions less than 2.4.0-2. A patched version of the package is available...
CVE-2022-39227 affecting package python-jwt 2.4.0-1
CVE-2022-39227 affecting package python-jwt 2.4.0-1. A patched version of the package is available...
CVE-2022-39227
creationtimestamp | type | source
---|---|---
2022-09-23 12:13:18+00:00 | seen | https://t.me/cibsecurity/50312...
CVE-2022-39227 Python-jwt subject to Authentication Bypass by Spoofing
python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its contents without knowi...
CVE-2022-39227
The CVE-2022-39227 issue affects the python-jwt library prior to 3.3.4, where an Authentication Bypass by Spoofing flaw allows forging JWT contents without the secret key. This can enable identity spoofing, session hijacking, or authentication bypass if an application relies on the token's claims...
aat-downloader (>=0.0.1 <=0.0.3), audittracker (=0.4.0) +30 more potentially affected by CVE-2022-39227 via python-jwt (>=2.0.1 <=3.3.0)
python-jwt PYPI version =2.0.1, =0.0.1, =1.0.1, =0.1.0.2, =6.0.0a1, =0.0.3, =1.0.3, =3.0.27, =0.0.4, =1.0.0, =1.0.6, =0.0.1, =0.5.0 and more Source cves: CVE-2022-39227 Source advisory: OSV:GHSA-5P8V-58QM-C7FP...
cizohosubscriptions (>=1.0.1 <=1.0.2), code-challenge (>=0.1.0.2 <=0.1.0.8) +7 more potentially affected by CVE-2022-39227 via python-jwt (>=3.2.4 <=3.3.0)
python-jwt PYPI version =3.2.4, =1.0.1, =0.1.0.2, =6.0.0a1, =0.0.3, =1.0.1, =2.0.5, =2.0.6, =2.0.7 - zoho-subscriptions =1.0.1 Source cves: CVE-2022-39227 Source advisory: OSV:PYSEC-2022-259...
@cromwell/admin-panel (>=1.1.3 <=2.1.8), @cromwell/cms (>=1.1.7 <=2.1.12) +113 more potentially affected by CVE-2021-39227 via zrender (>=5.0.1 <=5.2.0)
zrender NPM version =5.0.1, =1.1.3, =1.1.7, =0.0.3-beta.7, =0.0.1, =0.0.1, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =0.0.1, =7.2.2, =1.0.0, =1.1.0 - @lingxiteam/pcfactory =0.2.0 and more Source cves: CVE-2021-39227 Source advisory: OSV:GHSA-FHV8-FX5F-7FXF...
CVE-2021-39227
creationtimestamp | type | source
---|---|---
2021-09-17 18:23:08+00:00 | published-proof-of-concept | https://t.me/cibsecurity/29048
2025-12-27 20:39:07+00:00 | seen | https://bsky.app/profile/getpokemon7.bsky.social/post/3mayo25zzxk2s...