This repository has been archived by the owner on Feb 22, 2024. It is now read-only.
Vulnerabilities found in PyJWT back in 2015 #119
Comments
GeekOnGadgets
changed the title
|
@GeekOnGadgets do you know whether this project is still going? Thanks |
|
@yunderboy I don't think so. use https://github.com/vimalloc/flask-jwt-extended |
|
Not sure about this extension, but for what it's worth Flask JWT Extended is protected against this vulnerability. |
|
@vimalloc, cool! Any idea on how long you might be maintaining the extension, and would you happen to need some help? |
|
We use the extension at my job, so it will be maintained for quiet a while yet. And I would never turn down any help 👍 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hi,
Thanks for awesome library. Just wanted to confirm something related to PyJWT library you are using in your project. Back in 2015 (https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/) Vulnerability issue was found with PyJWT not sure if that has been fixed now or still have to do a work around? Can't find much information out there.
Sorry for creating this as a issue. Hope you can provide with some info.
Thanks
The text was updated successfully, but these errors were encountered: