[SECURITY] [DLA 4579-1] python-authlib security update

Debian LTS Advisory DLA-4579-1 [email protected] https://www.debian.org/lts/security/ Emmanuel Arias May 11, 2026 https://wiki.debian.org/LTS Package : python-authlib Version : 0.15.4-1+deb11u2 CVE ID : CVE-2026-27962 CVE-2026-28490 CVE-2026-28498 Three security vulnerabilities were...

Debian dla-4579 : python-authlib-doc - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4579 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4579-1 [email protected]...

ROS-20260417-73-0029

Vulnerability in python-authlib related to information disclosure through inconsistency. Exploitation of the vulnerability may allow an attacker acting remotely to gain unauthorized access to protected information...

openSUSE Security Advisory (SUSE-SU-2026:0975-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:0975-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Authlib (SUSE-SU-2026:0975-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0975-1 advisory. - CVE-2026-27962: JWS deserializecompact allows for signature bypass by accepting user-controlle...

Security update for python-Authlib

This update for python-Authlib fixes the following issues: CVE-2026-27962: JWS deserializecompact allows for signature bypass by accepting user-controlled embedded JWK as verification key bsc1259738. CVE-2026-28490: cryptographic padding oracle in JWE RSA15 key management algorithm bsc1259736...

OPENSUSE-SU-2026:20392-1 Security update for python-Authlib

This update for python-Authlib fixes the following issues: Changes in python-Authlib: - CVE-2026-27962: JWS deserializecompact allows for signature bypass by accepting user-controlled embedded JWK as verification key bsc1259738 - CVE-2026-28490: cryptographic padding oracle in JWE RSA15 key...

openSUSE Security Advisory (SUSE-SU-2026:0828-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Authlib (SUSE-SU-2026:0828-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0828-1 advisory. - CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414...

Security update for python-Authlib

This update for python-Authlib fixes the following issues: CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2026:0828-1 Security update for python-Authlib

This update for python-Authlib fixes the following issues: - CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414...

Ubuntu: Security Advisory (USN-8065-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 16 Security Update : python-Authlib (openSUSE-SU-2026:20257-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20257-1 advisory. Changes in python-Authlib: - CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414 Tenable has extracte...

OPENSUSE-SU-2026:20257-1 Security update for python-Authlib

This update for python-Authlib fixes the following issues: Changes in python-Authlib: - CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414...

ROS-20260122-73-0007

Vulnerability in python-authlib related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

openSUSE Security Advisory (SUSE-SU-2025:3842-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4352-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-4352-1 python-authlib - security update

Bulletin has no description...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Authlib (SUSE-SU-2025:3842-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:3842-1 advisory. - CVE-2025-62706: fixed a denial of service condition bsc1252504, ghauthlib/authlib@e0863d512931 Tenable...