MGASA-2022-0244

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2022-0244.html
Import Source
https://advisories.mageia.org/MGASA-2022-0244.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2022-0244
Related
Published
2022-06-30T21:31:09Z
Modified
2022-06-30T20:41:08Z
Summary
Updated python-pyjwt packages fix security vulnerability
Details

An attacker submitting the JWT token can choose the used signing algorithm (CVE-2022-29217)

References
Credits

Affected packages

Mageia:8 / python-pyjwt

Package

Name
python-pyjwt
Purl
pkg:rpm/mageia/python-pyjwt?arch=source&distro=mageia-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.0-1.mga8

Ecosystem specific 

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2022-0244.json"