{"id":"USN-8557-1","summary":"python-authlib vulnerabilities","details":"Jay Neiva and Mauro Carrillo discovered that Authlib did not properly\nvalidate cryptographic keys embedded in JWT headers. An attacker could\npossibly use this issue to forge trusted tokens, resulting in\nauthentication and authorization bypass. (CVE-2026-27962)\n\nJay Neiva and Mauro Carrillo discovered that Authlib incorrectly handled\nRSA1_5 encrypted tokens. An attacker could possibly use this issue to\nrecover sensitive encrypted information, resulting in information\ndisclosure. (CVE-2026-28490)\n\nJay Neiva and Mauro Carrillo discovered that Authlib did not properly\nreject unsupported cryptographic algorithms when validating OpenID\nConnect ID tokens. An attacker could possibly use this issue to bypass\ntoken integrity checks, resulting in authentication bypass.\n(CVE-2026-28498)\n\nJohnny Deuss discovered that Authlib did not provide cross-site request\nforgery protection for the OAuth cache feature in its Starlette\nintegration. An attacker could possibly use this issue to perform\nunauthorized OAuth actions, resulting in cross-site request forgery.\nThis issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS.\n(CVE-2026-41425)","modified":"2026-07-17T01:35:30.249393198Z","published":"2026-07-16T17:44:41Z","related":["UBUNTU-CVE-2026-27962","UBUNTU-CVE-2026-28490","UBUNTU-CVE-2026-28498","UBUNTU-CVE-2026-41425"],"upstream":["CVE-2026-27962","CVE-2026-28490","CVE-2026-28498","CVE-2026-41425","UBUNTU-CVE-2026-27962","UBUNTU-CVE-2026-28490","UBUNTU-CVE-2026-28498","UBUNTU-CVE-2026-41425"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8557-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-27962"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-28490"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-28498"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-41425"}],"affected":[{"package":{"name":"python-authlib","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/python-authlib?arch=source&distro=esm-apps%2Fjammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.15.5-1ubuntu0.1~esm2"}]}],"versions":["0.15.4-1","0.15.5-1","0.15.5-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.15.5-1ubuntu0.1~esm2","binary_name":"python3-authlib"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:Pro:22.04:LTS","cves":[{"id":"CVE-2026-27962","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-28490","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-28498","severity":[{"score":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N","type":"CVSS_V4"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8557-1.json"}},{"package":{"name":"python-authlib","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/python-authlib?arch=source&distro=esm-apps%2Fnoble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.0-1ubuntu0.1~esm2"}]}],"versions":["1.2.1-1","1.3.0-1","1.3.0-1ubuntu0.1~esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1.3.0-1ubuntu0.1~esm2","binary_name":"python3-authlib"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:Pro:24.04:LTS","cves":[{"id":"CVE-2026-27962","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-28490","severity":[{"score":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N","type":"CVSS_V4"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-28498"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-41425"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8557-1.json"}},{"package":{"name":"python-authlib","ecosystem":"Ubuntu:Pro:26.04:LTS","purl":"pkg:deb/ubuntu/python-authlib?arch=source&distro=esm-apps%2Fresolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.7-1ubuntu0.1~esm1"}]}],"versions":["1.6.0-1","1.6.5-1","1.6.6-1","1.6.7-1"],"ecosystem_specific":{"binaries":[{"binary_name":"python3-authlib","binary_version":"1.6.7-1ubuntu0.1~esm1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8557-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:26.04:LTS","cves":[{"id":"CVE-2026-27962","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-28490","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-28498","severity":[{"score":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N","type":"CVSS_V4"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-41425","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"type":"Ubuntu","score":"medium"}]}]}}}],"schema_version":"1.7.5"}