JWCrypto vulnerable to JWT bomb Attack in `deserialize` function
Affected version Vendor: https://github.com/latchset/jwcrypto Version: 1.5.5 Description An attacker can cause a DoS attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this Token, it will consume a lot of memory and processing time. Poc python from...