9 matches found
Prototype Pollution zrender Dependency in Jira Service Management Data Center and Server
This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability known as CVE-2022-39227 was introduced in 10.3.0, and 11.0.0 of Jira...
Exploit for Authentication Bypass by Spoofing in Python-Jwt_Project Python-Jwt
CVE-2022-39227 CVE-2022-39227 : Proof of Concept Proof of co...
CBL Mariner 2.0 Security Update: python-jwt (CVE-2022-39227)
The version of python-jwt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-39227 advisory. - python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject...
CVE-2022-39227 affecting package python-jwt for versions less than 2.4.0-2
CVE-2022-39227 affecting package python-jwt for versions less than 2.4.0-2. A patched version of the package is available...
CVE-2022-39227 affecting package python-jwt 2.4.0-1
CVE-2022-39227 affecting package python-jwt 2.4.0-1. A patched version of the package is available...
CVE-2022-39227 Python-jwt subject to Authentication Bypass by Spoofing
python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its contents without knowi...
CVE-2022-39227
The CVE-2022-39227 issue affects the python-jwt library prior to 3.3.4, where an Authentication Bypass by Spoofing flaw allows forging JWT contents without the secret key. This can enable identity spoofing, session hijacking, or authentication bypass if an application relies on the token's claims...
aat-downloader (>=0.0.1 <=0.0.3), audittracker (=0.4.0) +30 more potentially affected by CVE-2022-39227 via python-jwt (>=2.0.1 <=3.3.0)
python-jwt PYPI version =2.0.1, =0.0.1, =1.0.1, =0.1.0.2, =6.0.0a1, =0.0.3, =1.0.3, =3.0.27, =0.0.4, =1.0.0, =1.0.6, =0.0.1, =0.5.0 and more Source cves: CVE-2022-39227 Source advisory: OSV:GHSA-5P8V-58QM-C7FP...
cizohosubscriptions (>=1.0.1 <=1.0.2), code-challenge (>=0.1.0.2 <=0.1.0.8) +7 more potentially affected by CVE-2022-39227 via python-jwt (>=3.2.4 <=3.3.0)
python-jwt PYPI version =3.2.4, =1.0.1, =0.1.0.2, =6.0.0a1, =0.0.3, =1.0.1, =2.0.5, =2.0.6, =2.0.7 - zoho-subscriptions =1.0.1 Source cves: CVE-2022-39227 Source advisory: OSV:PYSEC-2022-259...