pyjwt 代码问题漏洞

PyJWT is a Python library developed by José Padilla of the United States. It allows for the encoding and decoding of JSON Web Tokens JWTs. Prior to version 2.13.0, there were code vulnerabilities in PyJWT. These vulnerabilities stemmed from PyJWKClient directly passing the uri parameter to...

CVE-2025-6391 JSON Web Token (JWT) Exposure in Log Files

Brocade ASCG before 3.3.0 logs JSON Web Tokens JWT in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure...