apk package
wolfi/py3-supported-jwcrypto
pkg:apk/wolfi/py3-supported-jwcrypto
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28102 | — | < 1.5.6-r0 | 1.5.6-r0 | Mar 6, 2024 | JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot |
- CVE-2024-28102Mar 6, 2024affected < 1.5.6-r0fixed 1.5.6-r0
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot