| CVE-2026-32597 |
high |
7.5 |
7.5 |
|
|
|
3mo ago |
RHSA-2026:12176: fence-agents security update (Important) |
| CVE-2017-11424 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
In PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm.prepare_key` does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed becau… |
| CVE-2025-45768 |
unknown |
— |
— |
|
|
|
10mo ago |
pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library (admittedly, library users ma… |
| CVE-2024-53861 |
unknown |
— |
— |
|
|
|
2y ago |
pyjwt is a JSON Web Token implementation in Python. An incorrect string comparison is run for `iss` checking, resulting in `"acb"` being accepted for `"_abc_"`. This is a bug introduced in version 2.… |
| CVE-2022-29217 |
unknown |
— |
— |
|
|
|
4y ago |
PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT… |