[Cryptography-dev] Noob question about some data that has been leaked in encrypted form

2020-04-21 Thread Lucas Vazquez
Hello to all devs, I'm using Fernet with Django to store some private external data in a Regulators Website. Recently, that data has been exposed in encrypted form by mistake. Each user saw some of their data in encrypted form in the configuration view, and if they modified them, the filtered conte

Re: [Cryptography-dev] Noob question about some data that has been leaked in encrypted form

2020-04-21 Thread Paul Kehrer
If the only thing exposed was encrypted Fernet tokens then there is no way to determine the key used by those tokens short of a brute force attack. Based on what you're describing, users could potentially have run a chosen plaintext attack as well, but Fernet's construction (AES-CBC with random IV +