If you discover a security vulnerability, do not submit a public issue or patch. Instead, please report it privately through the GitHub Security tab.
Security: authlib/joserfc
Security
SECURITY.md
-
PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS)GHSA-w5r5-m38g-f9f9 published
Feb 28, 2026 by leptureHigh -
Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token PayloadsGHSA-frfh-8v73-gjg4 published
Nov 18, 2025 by leptureCritical
Learn more about advisories related to authlib/joserfc in the GitHub Advisory Database