Vulnerabilities

1 via 1 paths

Dependencies

67

Source

GitHub

Commit

f25fc5be

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

high severity

Use of a Broken or Risky Cryptographic Algorithm

  • Vulnerable module: pyjwt
  • Introduced through: pyjwt@2.0.1

Detailed paths

  • Introduced through: blabla1337/skf-flask@blabla1337/skf-flask#f25fc5bec8d5198808147630be438dbbc2541b88 pyjwt@2.0.1
    Remediation: Upgrade to pyjwt@2.4.0.

Overview

PyJWT is a Python implementation of RFC 7519.

Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via non-blacklisted public key formats, leading to key confusion.

Remediation

Upgrade PyJWT to version 2.4.0 or higher.

References