A vulnerability has been found in the ecdsa dependency which will not be patched in the python-jose package. python-jose seems to be abandoned. Other people are also encountering these security issues.
I suggest to update authenticating-users/main.py to not use this insecure package. A commonly used alternative is PyJWT.
A vulnerability has been found in the
ecdsadependency which will not be patched in thepython-josepackage.python-joseseems to be abandoned. Other people are also encountering these security issues.I suggest to update authenticating-users/main.py to not use this insecure package. A commonly used alternative is PyJWT.