2.0.1 - Security Fix
What's Changed
- Security fix - CVE-2022-39227 by @codemation in #95
Disclosure date
2023-03-07T18:48:04.077Z
Title
Vulnerable python_jwt dependecy version used, leading to CVE-2022-39227
Severity
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N = Critical (10)
Vulnerability Type
Authentication Bypass by Spoofing
Thanks to @notnci for locating & @psmoros for reporting.
Full Changelog: 2.0.0...2.0.1
Contributors
psmoros, codemation, and notnci
Assets 2
0
Join discussion