Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44396

Name of the Vulnerable Software and Affected Versions PyJWT versions prior to 2.13.0 Description PyJWT is a JSON Web Token implementation in Python. The get signing key function in PyJWKClient forces a new HTTP request to the JWKS endpoint for every JWT containing an unknown kid value, without...

9.8CVSS5.2AI score0.00222EPSS
Exploits0References235
NVD
NVD
added 2014/02/14 3:55 p.m.16 views

CVE-2014-1921

parcimonie before 0.8.1, when using a large keyring, sleeps for the same amount of time between fetches, which allows attackers to correlate key fetches via unspecified vectors...

7.5CVSS6.3AI score0.01559EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2014/02/14 3:55 p.m.20 views

CVE-2014-1921

parcimonie before 0.8.1, when using a large keyring, sleeps for the same amount of time between fetches, which allows attackers to correlate key fetches via unspecified vectors...

7.5CVSS5.9AI score0.01559EPSS
Exploits0References4
CVE
CVE
added 2014/02/14 3:0 p.m.44 views

CVE-2014-1921

CVE-2014-1921 affects parcimonie (privacy-friendly keyring refresh) with large keyrings. The issue is a timing-based information leakage: the tool sleeps a fixed interval between key fetches (e.g., ten minutes for large keyrings), enabling an observer to correlate fetches across events. Debian/DS...

7.5CVSS6.4AI score0.01559EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/02/12 12:0 a.m.11 views

Debian DSA-2860-1 : parcimonie - information disclosure

Holger Levsen discovered that parcimonie, a privacy-friendly helper to refresh a GnuPG keyring, is affected by a design problem that undermines the usefulness of this piece of software in the intended threat model. When using parcimonie with a large keyring 1000 public keys or more, it would alwa...

7.5CVSS5.4AI score0.01559EPSS
Exploits0References4
Debian
Debian
added 2014/02/11 8:52 p.m.11 views

[SECURITY] [DSA 2860-1] parcimonie security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2860-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 11, 2014 http://www.debian.org/security/faq -...

7.5CVSS5.8AI score0.01559EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/02/11 12:0 a.m.20 views

Debian Security Advisory DSA 2860-1 (parcimonie - information disclosure)

Holger Levsen discovered that parcimonie, a privacy-friendly helper to refresh a GnuPG keyring, is affected by a design problem that undermines the usefulness of this piece of software in the intended threat model. When using parcimonie with a large keyring 1000 public keys or more, it would alwa...

7.5CVSS6.2AI score0.01559EPSS
Exploits0References1
OSV
OSV
added 2014/02/11 12:0 a.m.16 views

DSA-2860-1 parcimonie - information disclosure

Bulletin has no description...

7.5CVSS6.3AI score0.01559EPSS
Exploits0
Rows per page
Query Builder