Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
633892
AlmaLinux
4665
Alpaquita
8947
Alpine
4068
Android
3261
Azure Linux
12016
BellSoft Hardened Containers
433
Bitnami
7027
Chainguard
5804
CleanStart
799
CRAN
14
crates.io
2248
Debian
54796
Echo
3199
GHC
3
GIT
81500
GitHub Actions
49
Go
6589
Hackage
30
Hex
58
Julia
684
Linux
15361
Mageia
5877
Maven
6327
MinimOS
28966
npm
217606
NuGet
1663
opam
12
openEuler
6511
openSUSE
12623
OSS-Fuzz
3842
Packagist
6087
Pub
11
PyPI
18753
Red Hat
19526
Rocky Linux
2974
Root
12289
RubyGems
1940
SUSE
20565
SwiftURL
50
Ubuntu
52976
VSCode
18
Wolfi
3725
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-752w-5fwx-jx9f
PyPI/pyjwt
PyJWT accepts unknown
`
crit
`
header extensions
13 Mar
Fix available
Severity - 7.5 (High)
GHSA-75c5-xw7c-p5pm
PyPI/pyjwt
PyJWT Issuer field partial matches allowed
02 Dec 2024
Fix available
Severity - 2.1 (Low)
GHSA-ffqj-6fqr-9h24
PyPI/pyjwt
Key confusion through non-blocklisted public key formats
24 May 2022
Fix available
Severity - 7.4 (High)
PYSEC-2022-202
PyPI/pyjwt
github.com/jpadilla/pyjwt
See record for full details
24 May 2022
Fix available
GHSA-r9jw-mwhq-wp62
PyPI/pyjwt
PyJWT vulnerable to key confusion attacks
13 May 2022
Fix available
Severity - 7.5 (High)
PYSEC-2017-24
PyPI/pyjwt
See record for full details
24 Aug 2017
Fix available
PyPI - OSV
