Jwcrypto
This hub aggregates every CVE we track for Jwcrypto, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Jwcrypto.
- CVE-2026-39373JWCrypto: JWE ZIP decompression bomb5.3
- CVE-2024-28102JWCrypto vulnerable to JWT bomb Attack in `deserialize` function6.8
- CVE-2023-6681Jwcrypto: denail of service via specifically crafted jwe5.3
- CVE-2016-6298The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain clear...5.3
Product normalization is registry-driven with AI assist and human review. How it works