aleph-client (>=1.0.0 <=1.9.1), aleph-sdk-python (>=1.0.0 <=2.3.3) +43 more potentially affected by CVE-2024-28102 +1 more via jwcrypto (>=1.0.0 <=1.5.6)

jwcrypto PYPI version =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.11.0rc1, =2.0.0, =0.1.0, =0.1.0, =0.1.0, =3.41.0, =0.0.0.1, =0.1.7, =2.5.0, =3.0.0 and more Source cves: CVE-2024-28102, CVE-2026-39373 Source advisory: SNYK:PYTHON-JWCRYPTO-15928841...

alastria-auth (>=0.0.3 <=0.0.17), alastria-identity (>=0.2.0 <=0.4.0) +61 more potentially affected by CVE-2026-39373 via jwcrypto (>=0.4.0 <=1.5.6)

jwcrypto PYPI version =0.4.0, =0.0.3, =0.2.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.11.0rc1, =0.4.0a0, =2.0.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0.2, =0.1.0.8 and more Source cves: CVE-2026-39373 Source advisory: OSV:GHSA-FJRM-76X2-C4Q4...

EUVD-2024-0081

Malicious code in bioql PyPI...

Amazon Linux 2 : python-jwcrypto (ALAS-2025-2763)

The version of python-jwcrypto installed on the remote host is prior to 0.4.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2763 advisory. JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cau...

Medium: python-jwcrypto

Issue Overview: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot o...

JWCrypto: denail of service Via specifically crafted JWE

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service DoS attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service...

Medium: python-jwcrypto

Issue Overview: A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service DoS attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denia...

JWCrypto Security Vulnerability

JWCrypto is a JWCrypto open source implementation of the Javascript Object Signing and Encryption JOSE web standard. A security vulnerability exists in JWCrypto 1.5.5 and earlier versions, which stems from a vulnerability that allows an attacker to trigger a DoS attack by passing in a malicious J...

DEBIAN-CVE-2023-6681

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service DoS attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service...

AZL-43006 CVE-2023-6681 affecting package python-jwcrypto 0.6.0-9

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service DoS attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service...

PYSEC-2024-104

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service DoS attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service...

UBUNTU-CVE-2023-6681

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service DoS attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service...

alastria-auth (>=0.0.3 <=0.0.17), alastria-identity (>=0.2.0 <=0.4.0) +36 more potentially affected by CVE-2023-6681 via jwcrypto (>=0.4.0 <=1.5.0)

jwcrypto PYPI version =0.4.0, =0.0.3, =0.2.0, =0.4.0a0, =2.0.0, =0.1.0, =0.1.0, =0.1.0.2, =2.5.6, =0.6.0, =0.1.0, =0.0.0.1, =2.5.0, =0.1.0, =0.1.0, =0.14.1 and more Source cves: CVE-2023-6681 Source advisory: OSV:GHSA-CW2R-4P82-QV79...