Python · Python-Jose · CVE-2016-7036
**Name of the Vulnerable Software and Affected Versions**
python-jose versions prior to 1.3.2
**Description**
The issue allows attackers to have an unspecified impact by leveraging the failure to use a constant time comparison for HMAC keys.
**Recommendations**
For versions prior to 1.3.2, update to version 1.3.2 or later to resolve the issue.