A vulnerability has been found in the ecdsa dependency which will not be patched in the python-jose package. python-joseseems to be abandoned. Other people are also encountering these security issues.
I suggest to update authenticating-users/main.py to not use this insecure package. A commonly used alternative is PyJWT.
A vulnerability has been found in the
ecdsa
dependency which will not be patched in thepython-jose
package.python-jose
seems to be abandoned. Other people are also encountering these security issues.I suggest to update authenticating-users/main.py to not use this insecure package. A commonly used alternative is PyJWT.