All posts
Critical
Low
Medium

CVE-2025-59420

Overview

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical he...

Critical
Low
Medium
No items found.

Package:

Impact:

Fix:

Year:

CVSS:

Severity:

Affected Components

Location

Previous Post
Next Post

Stop the waste.
Protect your environment with Kodem.

Get a personalized demo
Get a personalized demo