Skip to content

Commit c8ddbff

Browse files
ColeMurrayColeMurray
authored
Security: Update authlib to 1.6.5 (CVE-2025-61920) (#2347)
Updates authlib from 1.6.1 to 1.6.5 to address CVE-2025-61920, which fixes a denial of service vulnerability in JOSE implementation that accepts unbounded JWS/JWT header and signature segments.
1 parent c9ec145 commit c8ddbff

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ dependencies = [
1212
"platformdirs>=4.0.0",
1313
"rich>=13.9.4",
1414
"cyclopts>=3.0.0",
15-
"authlib>=1.5.2",
15+
"authlib>=1.6.5",
1616
"pydantic[email]>=2.11.7",
1717
"pyperclip>=1.9.0",
1818
"py-key-value-aio[disk,keyring,memory]>=0.2.8,<0.3.0",

uv.lock

Lines changed: 4 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)