All posts
Critical
Low
Medium

CVE-2025-61920

Alias:

Overview

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. Durin...

Critical
Low
Medium
No items found.

Severity / CVSS Score:  (Critical)

CWE:

Discovery date:

Authentication required: NoneYes

Attack Vector: None

Affected Components

Kodem Deep Dive

Previous Post
Next Post

Stop the waste.
Protect your environment with Kodem.

Get a personalized demo
Get a personalized demo