VYPR
Critical severity9.8NVD Advisory· Published Jan 23, 2017· Updated Jun 17, 2026

CVE-2016-7036

CVE-2016-7036

Description

python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
python-josePyPI
< 1.3.21.3.2

Affected products

2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.