All 3 CVE vulnerabilities found in pyjwt, with AI-generated Chinese analysis, references, and POCs.
Vendor: jpadilla
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32597 | PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation) CWE-345 | 7.5 | High | 2026-03-12 |
| CVE-2024-53861 | Issuer field partial matches allowed in pyjwt CWE-697 | 2.2 | Low | 2024-11-29 |
| CVE-2022-29217 | Key confusion through non-blocklisted public key formats in PyJWT CWE-327 | 7.4 | High | 2022-05-24 |
All 3 known CVE vulnerabilities affecting pyjwt with full Chinese analysis, references, and POCs where available.