CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-6727

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00519EPSS

Exploits0References5

RedhatCVE•added 2025/03/21 4:23 p.m.•17 views

CVE-2025-30144

fast-jwt provides fast JSON Web Token JWT implementation. Prior to 5.0.6, the fast-jwt library does not properly validate the iss claim based on the RFC 7519. The iss issuer claim validation within the fast-jwt library permits an array of strings as a valid iss value. This design flaw enables a...

6.5CVSS6.8AI score0.00519EPSS

Exploits0References1

Vulnrichment•added 2025/03/19 3:41 p.m.•11 views

CVE-2025-30144 Fast-JWT Improperly Validates iss Claims

6.5CVSS6.2AI score0.00519EPSS

Exploits0References3

Fedora•added 2024/03/07 1:50 a.m.•12 views

[SECURITY] Fedora 38 Update: cpp-jwt-1.4-7.fc38

JSON Web TokenJWT is a JSON based standard RFC- 7519 for creating assertions or access tokens that consists of some claims encoded within the assertion. This assertion can be used in some kind of bearer authentication mechanism that the server will provide to clients, and the clients can make use...

7.5AI score

Exploits0

Tenable Nessus•added 2023/03/21 12:0 a.m.•59 views

Amazon Linux 2023 : python3-jwt, python3-jwt+crypto (ALAS2023-2023-076)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-076 advisory. A vulnerability was found in python-jwt. This issue happens when PyJWT supports multiple different JWT signing algorithms. This flaw allows an attacker submitting the JWT token to choose the used signin...

7.5CVSS7.3AI score0.012EPSS

Exploits0References4

Tenable Nessus•added 2023/03/18 12:0 a.m.•20 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-PyJWT (SUSE-SU-2023:0794-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0794-1 advisory. - PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms...

7.5CVSS7.4AI score0.012EPSS

Exploits0References6

OpenVAS•added 2022/10/10 12:0 a.m.•14 views

Huawei EulerOS: Security Advisory for python-jwt (EulerOS-SA-2022-2434)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.012EPSS

Exploits0References2

Tenable Nessus•added 2022/09/14 12:0 a.m.•32 views

EulerOS 2.0 SP9 : python-jwt (EulerOS-SA-2022-2331)

According to the versions of the python-jwt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the...

7.5CVSS7.4AI score0.012EPSS

Exploits0References2

Tenable Nessus•added 2022/07/20 12:0 a.m.•35 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : PyJWT vulnerability (USN-5526-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5526-1 advisory. Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to for...

7.5CVSS7.5AI score0.012EPSS

Exploits0References2

UbuntuCve•added 2022/05/24 3:15 p.m.•45 views

CVE-2022-29217

PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT library requires that the application chooses what algorithms are supported. The application can...

7.5CVSS7AI score0.012EPSS

Exploits0References7