Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 2 of 2 results

CVE-2022-29217

Medium priority

Some fixes available 3 of 4

PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT library requires that the...

1 affected packages

pyjwt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pyjwt Fixed Fixed Fixed Not affected
Show less packages

CVE-2017-11424

Medium priority
Fixed

In PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm.prepare_key` does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the...

1 affected packages

pyjwt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pyjwt Fixed
Show less packages