Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jwcrypto
(Latchset)| Repositories | https://github.com/latchset/jwcrypto |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-12 | CVE-2023-6681 | A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack. | Fedora, Jwcrypto, Enterprise_linux, Enterprise_linux_for_arm_64, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_little_endian | 5.3 | ||
| 2016-09-01 | CVE-2016-6298 | The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA). | Jwcrypto | 5.3 |