CVE-2016-7036

Published January 23rd, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

1

PROJECT

Description

python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys.

mpdavis/python-jose

A JOSE implementation in Python

GitHub

1.75K