CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

325 matches found

OSV•added 2025/10/13 12:0 a.m.•1 views

OPENSUSE-SU-2025:15629-1 python311-Authlib-1.6.5-1.1 on GA media

These are all security issues fixed in the python311-Authlib-1.6.5-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS7.1AI score0.00424EPSS

Exploits1References1

vulnersOsv•added 2025/10/10 10:54 p.m.•2 views

aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +262 more potentially affected by CVE-2025-62706 via authlib (>=0.10.0 <=1.6.4)

authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2025-62706 Source advisory: OSV:GHSA-G7F3-828F-7H7M...

6.5CVSS5.8AI score0.00137EPSS

Exploits1

vulnersOsv•added 2025/10/10 10:54 p.m.•4 views

aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +203 more potentially affected by CVE-2025-62706 via authlib (>=1.0.0 <=1.6.4)

authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2025-62706 Source advisory:...

6.5CVSS5.8AI score0.00137EPSS

Exploits1

Snyk•added 2025/10/10 10:54 p.m.•1 views

Allocation of Resources Without Limits or Throttling

Overview authlib is a library in building OAuth and OpenID Connect servers. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the DeflateZipAlgorithm.decompress function. An attacker can exhaust memory and CPU resources by submitting...

7.1CVSS7AI score0.00137EPSS

Exploits1References3

OSV•added 2025/10/10 10:54 p.m.•1 views

GHSA-G7F3-828F-7H7M Authlib : JWE zip=DEF decompression bomb enables DoS

Summary Authlib’s JWE zip=DEF path performs unbounded DEFLATE decompression. A very small ciphertext can expand into tens or hundreds of megabytes on decrypt, allowing an attacker who can supply decryptable tokens to exhaust memory and CPU and cause denial of service. Details - Affected component...

6.5CVSS7.1AI score0.00137EPSS

Exploits1References5

RedhatCVE•added 2025/10/10 9:1 p.m.•3 views

CVE-2025-61920

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes...

7.5CVSS6.8AI score0.00424EPSS

Exploits1References5

Github Security Blog•added 2025/10/10 8:26 p.m.•5 views

Authlib is vulnerable to Denial of Service via Oversized JOSE Segments

Summary Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving...

7.5CVSS7.2AI score0.00424EPSS

Exploits1References5Affected Software1

vulnersOsv•added 2025/10/10 8:26 p.m.•5 views

aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +262 more potentially affected by CVE-2025-61920 via authlib (>=0.10.0 <=1.6.4)

7.5CVSS5.8AI score0.00424EPSS

Exploits1

vulnersOsv•added 2025/10/10 8:26 p.m.•1 views

aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +203 more potentially affected by CVE-2025-61920 via authlib (>=1.0.0 <=1.6.4)

7.5CVSS5.8AI score0.00424EPSS

Exploits1

Snyk•added 2025/10/10 8:26 p.m.•3 views

Allocation of Resources Without Limits or Throttling

Overview authlib is a library in building OAuth and OpenID Connect servers. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the extractsegment and extractheader processes. An unauthenticated attacker can exhaust system resources and...

8.7CVSS7AI score0.00424EPSS

Exploits1References2

OSV•added 2025/10/10 8:26 p.m.•0 views

GHSA-PQ5P-34CR-23V9 Authlib is vulnerable to Denial of Service via Oversized JOSE Segments

7.5CVSS7.2AI score0.00424EPSS

Exploits1References5

NVD•added 2025/10/10 8:15 p.m.•2 views

CVE-2025-61920

7.5CVSS0.00424EPSS

Exploits1References3

OSV•added 2025/10/10 8:15 p.m.•2 views

DEBIAN-CVE-2025-61920

7.5CVSS5.5AI score0.00424EPSS

Exploits1References1

OSV•added 2025/10/10 8:15 p.m.•0 views

UBUNTU-CVE-2025-61920

7.5CVSS7.2AI score0.00424EPSS

Exploits1References6

Vulnrichment•added 2025/10/10 7:25 p.m.•1 views

CVE-2025-61920 Authlib is vulnerable to Denial of Service via Oversized JOSE Segments

7.5CVSS6.6AI score0.00424EPSS

Exploits1References2

CVE•added 2025/10/10 7:25 p.m.•32 views

CVE-2025-61920

CVE-2025-61920 — Authlib (Python) Authlib’s JOSE implementation (prior to v1.6.5) accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url header or signature spans hundreds of megabytes. During verification, the library decodes and parses the f...

7.5CVSS6.6AI score0.00424EPSS

Exploits1References3Affected Software1