Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.13 views

SUSE SLES16 Security Update : python-PyJWT (SUSE-SU-2026:22170-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22170-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments directly to...

7.4CVSS5.8AI score0.00394EPSS
Exploits4References16
Github Security Blog
Github Security Blog
added 2026/06/15 5:28 p.m.9 views

PyJWKClient unbounded JWKS endpoint requests via attacker-controlled kid values (DoS)

!NOTE The vulnerability surfaces only when a JWKS fetch fails; an attacker can attempt to provoke that with sustained unknown-kid traffic, but the outcome depends on upstream JWKS-endpoint behavior rate limiting, transient errors which is beyond the attacker's control. Impact is reduced auth...

3.7CVSS5.2AI score0.00222EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/30 1:59 a.m.18 views

SUSE CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-48524

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT wi...

3.7CVSS6AI score0.00222EPSS
Exploits0References4
OSV
OSV
added 2026/05/28 4:16 p.m.8 views

DEBIAN-CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 4:16 p.m.10 views

UBUNTU-CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References3
CVE
CVE
added 2026/05/28 3:7 p.m.48 views

CVE-2026-48524

CVE-2026-48524 affects PyJWT prior to 2.13.0. The issue is in PyJWKClient.get_signing_key(), which can force a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since the kid is from an unverified token header, an attacker can trigger unlimite...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/28 3:7 p.m.11 views

CVE-2026-48524 PyJWT: PyJWKClient unbounded JWKS endpoint requests via attacker-controlled kid values (DoS)

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/28 3:7 p.m.9 views

CVE-2026-48524

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.getsigningkey forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited...

3.7CVSS5.8AI score0.00222EPSS
Exploits0
OSV
OSV
added 2026/05/04 9:25 p.m.5 views

GHSA-M7HM-VM4X-28JF apko `DiscoverKeys` has a panic on non-rsa jwks key that causes crash during key discovery

DiscoverKeys in pkg/apk/apk/implementation.go unconditionally type-asserts JWKS keys as rsa.PublicKey without checking the key type. If a repository JWKS endpoint returns a non-RSA key e.g. EC, the unchecked assertion panics and crashes apko. This affects any workflow that initializes the APK...

6.5CVSS5.8AI score0.00252EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/04 9:25 p.m.6 views

Incorrect Type Conversion or Cast

Overview Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast in the DiscoverKeys process. An attacker can cause the application to crash by providing a non-RSA key such as an EC key from a repository JWKS endpoint, which triggers a panic due to an unchecked type...

7.1CVSS5.8AI score0.00252EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/03 7:20 a.m.101 views

Exploit for CVE-2026-29000

pac4j-jwe-forge CVE-2026-29000 Proof-of-concept for CVE-202...

9.3CVSS5.9AI score0.05856EPSS
Exploits17
Snyk
Snyk
added 2026/03/13 8:3 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.3 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/03/13 10:23 a.m.232 views

Exploit for CVE-2026-29000

CVE-2026-29000 – pac4j JWT Authentication Bypass Python PoC...

9.3CVSS6AI score0.05856EPSS
Exploits17
ATTACKERKB
ATTACKERKB
added 2026/03/12 9:19 p.m.2 views

CVE-2026-32301

Centrifugo is an open-source scalable real-time messaging server. Prior to 6.7.0, Centrifugo is vulnerable to Server-Side Request Forgery SSRF when configured with a dynamic JWKS endpoint URL using template variables e.g. tenant. An unauthenticated attacker can craft a JWT with a malicious iss or...

9.3CVSS5.8AI score0.00258EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.8 views

PT-2026-25082

Name of the Vulnerable Software and Affected Versions Centrifugo versions prior to 6.7.0 Description Centrifugo is susceptible to a Server-Side Request Forgery SSRF condition when configured with a dynamic JWKS endpoint URL that utilizes template variables, such as tenant. An unauthenticated...

9.3CVSS6AI score0.00258EPSS
Exploits1References14
ATTACKERKB
ATTACKERKB
added 2026/03/11 7:36 p.m.2 views

CVE-2026-27478

Unity Catalog is an open, multi-modal Catalog for data and AI. In 0.4.0 and earlier, a critical authentication bypass vulnerability exists in the Unity Catalog token exchange endpoint /api/1.0/unity-control/auth/tokens. The endpoint extracts the issuer iss claim from incoming JWTs and uses it to...

9.1CVSS5.8AI score0.00183EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder