VYPR

rpm package

almalinux/python3-jwcrypto

pkg:rpm/almalinux/python3-jwcrypto

Vulnerabilities (23)

  • CVE-2025-59089  Medium  Nov 12, 2025
    affected: < 0.5.0-2.module_el8.10.0+3844+20e075e5; fixed: 0.5.0-2.module_el8.10.0+3844+20e075e5

    If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through server-side request forgery), they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's respo

  • CVE-2025-59088  High  Nov 12, 2025
    affected: < 0.5.0-2.module_el8.10.0+3844+20e075e5; fixed: 0.5.0-2.module_el8.10.0+3844+20e075e5

    If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could

  • CVE-2025-7493  Critical  Sep 30, 2025
    affected: < 0.5.0-2.module_el8.10.0+3844+20e075e5; fixed: 0.5.0-2.module_el8.10.0+3844+20e075e5

    A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM crede

  • CVE-2025-4404  Critical  Jun 17, 2025
    affected: < 0.5.0-2.module_el8.10.0+3844+20e075e5; fixed: 0.5.0-2.module_el8.10.0+3844+20e075e5

    A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM

  • CVE-2024-3183  Jun 12, 2024
    affected: < 0.5.0-2.module_el8.10.0+3844+20e075e5; fixed: 0.5.0-2.module_el8.10.0+3844+20e075e5

    A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key d

  • CVE-2024-2698  Jun 12, 2024
    affected: < 0.5.0-2.module_el8.10.0+3844+20e075e5; fixed: 0.5.0-2.module_el8.10.0+3844+20e075e5

    A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If th

  • CVE-2024-28102  Mar 6, 2024
    affected: < 0.8-5.el9_4; fixed: 0.8-5.el9_4

    JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot

  • CVE-2023-6681  Feb 12, 2024
    affected: < 1.5.6-2.el9; fixed: 1.5.6-2.el9

    A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a de

  • CVE-2023-5455  Jan 10, 2024
    affected: < 0.5.0-1.1.module_el8.7.0+3349+cfeff52e; fixed: 0.5.0-1.1.module_el8.7.0+3349+cfeff52e

    A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system int

  • CVE-2020-25719  Feb 18, 2022
    affected: < 0.5.0-1.module_el8.5.0+2603+92118e57; fixed: 0.5.0-1.module_el8.5.0+2603+92118e57

    A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found withi

  • CVE-2021-3480  May 20, 2021
    affected: < 0.5.0-1.module_el8.5.0+2603+92118e57; fixed: 0.5.0-1.module_el8.5.0+2603+92118e57

    A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.

  • CVE-2020-17049  Nov 11, 2020
    affected: < 0.5.0-1.1.module_el8.7.0+3349+cfeff52e; fixed: 0.5.0-1.1.module_el8.7.0+3349+cfeff52e

    A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tam

  • CVE-2020-11022  Medium  Apr 29, 2020
    affected: < 0.5.0-1.module_el8.5.0+2641+983b221b; fixed: 0.5.0-1.module_el8.5.0+2641+983b221b

    In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

  • CVE-2020-11023  KEV  Apr 29, 2020
    affected: < 0.5.0-1.module_el8.5.0+2603+92118e57; fixed: 0.5.0-1.module_el8.5.0+2603+92118e57

    In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This pro

  • CVE-2020-1722  Apr 27, 2020
    affected: < 0.5.0-1.module_el8.5.0+2641+983b221b; fixed: 0.5.0-1.module_el8.5.0+2641+983b221b

    A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat

  • CVE-2019-11358  Apr 19, 2019
    affected: < 0.5.0-1.module_el8.5.0+2641+983b221b; fixed: 0.5.0-1.module_el8.5.0+2641+983b221b

    jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

  • CVE-2019-8331  Feb 20, 2019
    affected: < 0.5.0-1.module_el8.5.0+2641+983b221b; fixed: 0.5.0-1.module_el8.5.0+2641+983b221b

    In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

  • CVE-2018-20677  Jan 9, 2019
    affected: < 0.5.0-1.module_el8.5.0+2641+983b221b; fixed: 0.5.0-1.module_el8.5.0+2641+983b221b

    In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

  • CVE-2018-20676  Jan 9, 2019
    affected: < 0.5.0-1.module_el8.5.0+2641+983b221b; fixed: 0.5.0-1.module_el8.5.0+2641+983b221b

    In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

  • CVE-2016-10735  Jan 9, 2019
    affected: < 0.5.0-1.module_el8.5.0+2641+983b221b; fixed: 0.5.0-1.module_el8.5.0+2641+983b221b

    In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
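The decompression bound that the CVE-2024-28102 entry above says JWCrypto gained in 1.5.6, shown as an added example written for this page rather than JWCrypto's own implementation. JWE "zip":"DEF" (RFC 7516 section 4.1.3) means the plaintext was raw-DEFLATEd before encryption, so after decryption the recipient inflates attacker-chosen bytes. The unbounded inflate sits beside a bounded one that stops one byte past the cap and rejects the token. The cap MAX_INFLATED_BYTES, the header helpers, the constructed claim set and the zero-run payload are all assumptions made for the example, and the AEAD decryption step is omitted: the functions take the already-decrypted bytes.

```python
import base64
import json
import zlib

# Cap on inflated plaintext per token. The value is an assumption for this
# example; size it to the largest payload the application legitimately accepts.
MAX_INFLATED_BYTES = 256 * 1024


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def deflate(plaintext: bytes) -> bytes:
    """Raw DEFLATE (no zlib header), which is what JWE "zip":"DEF" carries."""
    c = zlib.compressobj(level=9, wbits=-zlib.MAX_WBITS)
    return c.compress(plaintext) + c.flush()


def inflate_unbounded(data: bytes) -> bytes:
    """Pre-fix behaviour: inflate whatever the token says, however large."""
    return zlib.decompress(data, -zlib.MAX_WBITS)


def inflate_bounded(data: bytes, limit: int = MAX_INFLATED_BYTES) -> bytes:
    """Inflate at most `limit` bytes; reject the token if more would follow
    or if the DEFLATE stream is truncated."""
    d = zlib.decompressobj(-zlib.MAX_WBITS)
    out = d.decompress(data, limit + 1)   # ask for one byte past the cap
    if len(out) > limit:
        raise ValueError("inflated payload exceeds %d bytes" % limit)
    if not d.eof:
        raise ValueError("truncated DEFLATE stream")
    return out


def make_protected_header(zip_alg=None) -> str:
    """Constructed JWE protected header (hypothetical, for the example)."""
    header = {"alg": "dir", "enc": "A256GCM"}
    if zip_alg:
        header["zip"] = zip_alg
    return b64url_encode(json.dumps(header, separators=(",", ":")).encode())


def recover_plaintext(protected_b64: str, decrypted: bytes,
                      limit: int = MAX_INFLATED_BYTES) -> bytes:
    """Post-decryption step of JWE processing: honour "zip" only with a bound.
    `decrypted` is the AEAD output; decryption itself is out of scope here."""
    header = json.loads(b64url_decode(protected_b64))
    zip_alg = header.get("zip")
    if zip_alg is None:
        return decrypted
    if zip_alg != "DEF":
        raise ValueError("unsupported zip algorithm %r" % zip_alg)
    return inflate_bounded(decrypted, limit)


def compression_ratio(plaintext: bytes) -> float:
    return len(plaintext) / len(deflate(plaintext))


if __name__ == "__main__":
    # Constructed inputs: a small claim set, and an 8 MiB run of zeros that
    # deflates to a few KiB, i.e. the "high compression ratio" of CVE-2024-28102.
    normal = json.dumps({"sub": "alice", "scope": "read"}).encode()
    bomb = b"\x00" * (8 * 1024 * 1024)
    hdr = make_protected_header("DEF")
    print("bomb compresses about %.0f:1" % compression_ratio(bomb))
    print("normal token:", recover_plaintext(hdr, deflate(normal)))
    try:
        recover_plaintext(hdr, deflate(bomb))
    except ValueError as err:
        print("bomb rejected:", err)
```

The check has to run before the inflated bytes are handed to JSON parsing or signature verification of a nested JWS; checking the compressed length alone is useless, since the whole point of the attack is that the compressed token is tiny.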

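The response-length bound that the CVE-2025-59089 entry above says kdcproxy did not enforce, shown as an added example that is not kdcproxy's own code. Kerberos over TCP (RFC 4120 section 7.2.2) prefixes every message with a 4-byte big-endian length whose high bit is reserved and must be zero. A proxy that trusts that prefix from an attacker-controlled KDC buffers whatever the server sends; the bounded reader below refuses the frame on the prefix alone, before allocating anything. The cap MAX_KDC_REPLY, the CountingStream helper and the sample reply bytes are assumptions constructed for this example.

```python
import io
import struct

# Upper bound on one KDC reply the proxy will buffer. Assumed value for this
# example; real KDC replies are a few KiB, so anything near it is suspect.
MAX_KDC_REPLY = 64 * 1024


class KdcFrameError(ValueError):
    pass


class CountingStream:
    """Byte source standing in for a TCP socket; records how much was pulled."""

    def __init__(self, data: bytes):
        self._buf = io.BytesIO(data)
        self.bytes_served = 0

    def read(self, n: int) -> bytes:
        chunk = self._buf.read(n)
        self.bytes_served += len(chunk)
        return chunk


def _read_exact(stream, n: int) -> bytes:
    buf = bytearray()
    while len(buf) < n:
        chunk = stream.read(n - len(buf))
        if not chunk:
            raise KdcFrameError("peer closed after %d of %d bytes" % (len(buf), n))
        buf += chunk
    return bytes(buf)


def length_prefix(length: int) -> bytes:
    """The raw 4-byte prefix; a hostile KDC can put any value here."""
    return struct.pack("!I", length)


def frame_kdc_message(body: bytes) -> bytes:
    """RFC 4120 7.2.2 framing for an honest sender."""
    if len(body) >= 1 << 31:
        raise ValueError("body too large to frame")
    return length_prefix(len(body)) + body


def read_kdc_reply_unbounded(stream) -> bytes:
    """Pre-fix shape: trust the peer's length and keep buffering until done."""
    (length,) = struct.unpack("!I", _read_exact(stream, 4))
    return _read_exact(stream, length)


def read_kdc_reply_bounded(stream, limit: int = MAX_KDC_REPLY) -> bytes:
    """Reject a malformed or oversized prefix before reading the body."""
    (length,) = struct.unpack("!I", _read_exact(stream, 4))
    if length & 0x80000000:
        raise KdcFrameError("reserved high bit set in length prefix")
    if length > limit:
        raise KdcFrameError("KDC reply of %d bytes exceeds limit %d" % (length, limit))
    return _read_exact(stream, length)


if __name__ == "__main__":
    # Constructed stand-in for a KDC reply body (not a real KDC-REP encoding).
    honest = CountingStream(frame_kdc_message(b"constructed KDC-REP body"))
    print("bounded, honest peer:", read_kdc_reply_bounded(honest))

    # Hostile KDC: advertises ~2 GiB, then streams filler for as long as it likes.
    hostile = length_prefix(0x7FFFFFFF) + b"\x00" * (1024 * 1024)
    s = CountingStream(hostile)
    try:
        read_kdc_reply_unbounded(s)
    except KdcFrameError as err:
        print("unbounded reader buffered %d bytes before failing: %s"
              % (s.bytes_served, err))
    s = CountingStream(hostile)
    try:
        read_kdc_reply_bounded(s)
    except KdcFrameError as err:
        print("bounded reader stopped after %d bytes: %s" % (s.bytes_served, err))
```

The same bound belongs on the read side of the UDP-to-TCP translation in a proxy as well as on any read timeout; a length cap alone does not stop a server that advertises a small length and then never finishes sending it.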
Page 1 of 2