Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/pyjwt@0?distro=trixie
Typedeb
Namespacedebian
Namepyjwt
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.4.2-1.1
Latest_non_vulnerable_version2.12.1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5zts-netw-syay
vulnerability_id VCID-5zts-netw-syay
summary 
PyJWT Issuer field partial matches allowed
### Summary
The wrong string if check is run for `iss` checking, resulting in `"acb"` being accepted for `"_abc_"`.

### Details
This is a bug introduced in version [2.10.0](https://github.com/jpadilla/pyjwt/commit/1570e708672aa9036bc772476beae8bfa48f4131#diff-6893ad4a1c5a36b8af3028db8c8bc3b62418149843fc382faf901eaab008e380R366): checking the "iss" claim
changed from `isinstance(issuer, list)` to `isinstance(issuer,
Sequence)`.

```diff
-        if isinstance(issuer, list):
+        if isinstance(issuer, Sequence):
            if payload["iss"] not in issuer:
                raise InvalidIssuerError("Invalid issuer")
        else:
```

Since str is a Sequnce, but not a list, `in` is also used for string
comparison. This results in `if "abc" not in "__abcd__":` being
checked instead of `if "abc" != "__abc__":`.
### PoC
Check out the unit tests added here: https://github.com/jpadilla/pyjwt-ghsa-75c5-xw7c-p5pm
```python
        issuer = "urn:expected"

        payload = {"iss": "urn:"}

        token = jwt.encode(payload, "secret")

        # decode() succeeds, even though `"urn:" != "urn:expected". No exception is raised.
        with pytest.raises(InvalidIssuerError):
            jwt.decode(token, "secret", issuer=issuer, algorithms=["HS256"])
```


### Impact

I would say the real world impact is not that high, seeing as the signature still has to match. We should still fix it.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53861.json
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53861.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-53861
reference_id
reference_type
scores
0
value 0.01019
scoring_system epss
scoring_elements 0.77361
published_at 2026-05-12T12:55:00Z
1
value 0.01019
scoring_system epss
scoring_elements 0.77156
published_at 2026-04-02T12:55:00Z
2
value 0.01019
scoring_system epss
scoring_elements 0.77185
published_at 2026-04-04T12:55:00Z
3
value 0.01019
scoring_system epss
scoring_elements 0.77167
published_at 2026-04-07T12:55:00Z
4
value 0.01019
scoring_system epss
scoring_elements 0.77199
published_at 2026-04-08T12:55:00Z
5
value 0.01019
scoring_system epss
scoring_elements 0.77208
published_at 2026-04-09T12:55:00Z
6
value 0.01019
scoring_system epss
scoring_elements 0.77236
published_at 2026-04-11T12:55:00Z
7
value 0.01019
scoring_system epss
scoring_elements 0.77215
published_at 2026-04-12T12:55:00Z
8
value 0.01019
scoring_system epss
scoring_elements 0.77211
published_at 2026-04-13T12:55:00Z
9
value 0.01019
scoring_system epss
scoring_elements 0.77251
published_at 2026-04-16T12:55:00Z
10
value 0.01019
scoring_system epss
scoring_elements 0.77253
published_at 2026-04-18T12:55:00Z
11
value 0.01019
scoring_system epss
scoring_elements 0.77244
published_at 2026-04-21T12:55:00Z
12
value 0.01019
scoring_system epss
scoring_elements 0.77278
published_at 2026-04-24T12:55:00Z
13
value 0.01019
scoring_system epss
scoring_elements 0.77283
published_at 2026-04-26T12:55:00Z
14
value 0.01019
scoring_system epss
scoring_elements 0.77298
published_at 2026-04-29T12:55:00Z
15
value 0.01019
scoring_system epss
scoring_elements 0.77303
published_at 2026-05-05T12:55:00Z
16
value 0.01019
scoring_system epss
scoring_elements 0.77332
published_at 2026-05-07T12:55:00Z
17
value 0.01019
scoring_system epss
scoring_elements 0.77353
published_at 2026-05-09T12:55:00Z
18
value 0.01019
scoring_system epss
scoring_elements 0.77343
published_at 2026-05-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-53861
2
reference_url https://github.com/jpadilla/pyjwt
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jpadilla/pyjwt
3
reference_url https://github.com/jpadilla/pyjwt/commit/1570e708672aa9036bc772476beae8bfa48f4131#diff-6893ad4a1c5a36b8af3028db8c8bc3b62418149843fc382faf901eaab008e380R366
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T11:10:51Z/
url https://github.com/jpadilla/pyjwt/commit/1570e708672aa9036bc772476beae8bfa48f4131#diff-6893ad4a1c5a36b8af3028db8c8bc3b62418149843fc382faf901eaab008e380R366
4
reference_url https://github.com/jpadilla/pyjwt/commit/33022c25525c1020869c71ce2a4109e44ae4ced1
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T11:10:51Z/
url https://github.com/jpadilla/pyjwt/commit/33022c25525c1020869c71ce2a4109e44ae4ced1
5
reference_url https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T11:10:51Z/
url https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-53861
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-53861
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2329527
reference_id 2329527
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2329527
8
reference_url https://github.com/advisories/GHSA-75c5-xw7c-p5pm
reference_id GHSA-75c5-xw7c-p5pm
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-75c5-xw7c-p5pm
fixed_packages
0
url pkg:deb/debian/pyjwt@0?distro=trixie
purl pkg:deb/debian/pyjwt@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@0%3Fdistro=trixie
1
url pkg:deb/debian/pyjwt@1.7.1-2?distro=trixie
purl pkg:deb/debian/pyjwt@1.7.1-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shhe-tubm-f7f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@1.7.1-2%3Fdistro=trixie
2
url pkg:deb/debian/pyjwt@2.6.0-1?distro=trixie
purl pkg:deb/debian/pyjwt@2.6.0-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shhe-tubm-f7f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.6.0-1%3Fdistro=trixie
3
url pkg:deb/debian/pyjwt@2.10.1-2?distro=trixie
purl pkg:deb/debian/pyjwt@2.10.1-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shhe-tubm-f7f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.10.1-2%3Fdistro=trixie
4
url pkg:deb/debian/pyjwt@2.11.0-2?distro=trixie
purl pkg:deb/debian/pyjwt@2.11.0-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shhe-tubm-f7f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.11.0-2%3Fdistro=trixie
5
url pkg:deb/debian/pyjwt@2.12.1-1?distro=trixie
purl pkg:deb/debian/pyjwt@2.12.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.12.1-1%3Fdistro=trixie
aliases CVE-2024-53861, GHSA-75c5-xw7c-p5pm
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5zts-netw-syay
1
url VCID-dq17-gzkv-1bdb
vulnerability_id VCID-dq17-gzkv-1bdb
summary PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT library requires that the application chooses what algorithms are supported. The application can specify `jwt.algorithms.get_default_algorithms()` to get support for all algorithms, or specify a single algorithm. The issue is not that big as `algorithms=jwt.algorithms.get_default_algorithms()` has to be used. Users should upgrade to v2.4.0 to receive a patch for this issue. As a workaround, always be explicit with the algorithms that are accepted and expected when decoding.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29217.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29217.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29217
reference_id
reference_type
scores
0
value 0.00311
scoring_system epss
scoring_elements 0.54172
published_at 2026-04-02T12:55:00Z
1
value 0.00311
scoring_system epss
scoring_elements 0.54236
published_at 2026-04-26T12:55:00Z
2
value 0.00311
scoring_system epss
scoring_elements 0.54257
published_at 2026-04-12T12:55:00Z
3
value 0.00311
scoring_system epss
scoring_elements 0.54275
published_at 2026-04-16T12:55:00Z
4
value 0.00311
scoring_system epss
scoring_elements 0.54226
published_at 2026-04-09T12:55:00Z
5
value 0.00311
scoring_system epss
scoring_elements 0.54229
published_at 2026-04-08T12:55:00Z
6
value 0.00311
scoring_system epss
scoring_elements 0.54178
published_at 2026-04-07T12:55:00Z
7
value 0.00311
scoring_system epss
scoring_elements 0.54202
published_at 2026-04-04T12:55:00Z
8
value 0.00311
scoring_system epss
scoring_elements 0.54204
published_at 2026-05-07T12:55:00Z
9
value 0.00311
scoring_system epss
scoring_elements 0.54162
published_at 2026-05-05T12:55:00Z
10
value 0.00311
scoring_system epss
scoring_elements 0.54212
published_at 2026-04-29T12:55:00Z
11
value 0.00311
scoring_system epss
scoring_elements 0.54222
published_at 2026-04-24T12:55:00Z
12
value 0.00311
scoring_system epss
scoring_elements 0.54259
published_at 2026-04-21T12:55:00Z
13
value 0.00311
scoring_system epss
scoring_elements 0.5428
published_at 2026-04-18T12:55:00Z
14
value 0.00422
scoring_system epss
scoring_elements 0.62169
published_at 2026-05-09T12:55:00Z
15
value 0.00422
scoring_system epss
scoring_elements 0.62124
published_at 2026-05-11T12:55:00Z
16
value 0.00422
scoring_system epss
scoring_elements 0.6215
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29217
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/jpadilla/pyjwt
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jpadilla/pyjwt
4
reference_url https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:55Z/
url https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc
5
reference_url https://github.com/jpadilla/pyjwt/releases/tag/2.4.0
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:55Z/
url https://github.com/jpadilla/pyjwt/releases/tag/2.4.0
6
reference_url https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:55Z/
url https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pyjwt/PYSEC-2022-202.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pyjwt/PYSEC-2022-202.yaml
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PK7IQCBVNLYJEFTPHBBPFP72H4WUFNX
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PK7IQCBVNLYJEFTPHBBPFP72H4WUFNX
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PK7IQCBVNLYJEFTPHBBPFP72H4WUFNX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5PK7IQCBVNLYJEFTPHBBPFP72H4WUFNX/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HIYEYZRQEP6QTHT3EHH3RGFYJIHIMAO
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HIYEYZRQEP6QTHT3EHH3RGFYJIHIMAO
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HIYEYZRQEP6QTHT3EHH3RGFYJIHIMAO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HIYEYZRQEP6QTHT3EHH3RGFYJIHIMAO/
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-29217
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-29217
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011747
reference_id 1011747
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011747
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2088544
reference_id 2088544
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2088544
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PK7IQCBVNLYJEFTPHBBPFP72H4WUFNX/
reference_id 5PK7IQCBVNLYJEFTPHBBPFP72H4WUFNX
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:55Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PK7IQCBVNLYJEFTPHBBPFP72H4WUFNX/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6HIYEYZRQEP6QTHT3EHH3RGFYJIHIMAO/
reference_id 6HIYEYZRQEP6QTHT3EHH3RGFYJIHIMAO
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:52:55Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6HIYEYZRQEP6QTHT3EHH3RGFYJIHIMAO/
17
reference_url https://security.archlinux.org/AVG-2781
reference_id AVG-2781
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2781
18
reference_url https://github.com/advisories/GHSA-ffqj-6fqr-9h24
reference_id GHSA-ffqj-6fqr-9h24
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ffqj-6fqr-9h24
19
reference_url https://usn.ubuntu.com/5526-1/
reference_id USN-5526-1
reference_type
scores
url https://usn.ubuntu.com/5526-1/
fixed_packages
0
url pkg:deb/debian/pyjwt@0?distro=trixie
purl pkg:deb/debian/pyjwt@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@0%3Fdistro=trixie
1
url pkg:deb/debian/pyjwt@1.7.1-2?distro=trixie
purl pkg:deb/debian/pyjwt@1.7.1-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shhe-tubm-f7f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@1.7.1-2%3Fdistro=trixie
2
url pkg:deb/debian/pyjwt@2.4.0-1?distro=trixie
purl pkg:deb/debian/pyjwt@2.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.4.0-1%3Fdistro=trixie
3
url pkg:deb/debian/pyjwt@2.6.0-1?distro=trixie
purl pkg:deb/debian/pyjwt@2.6.0-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shhe-tubm-f7f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.6.0-1%3Fdistro=trixie
4
url pkg:deb/debian/pyjwt@2.10.1-2?distro=trixie
purl pkg:deb/debian/pyjwt@2.10.1-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shhe-tubm-f7f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.10.1-2%3Fdistro=trixie
5
url pkg:deb/debian/pyjwt@2.11.0-2?distro=trixie
purl pkg:deb/debian/pyjwt@2.11.0-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shhe-tubm-f7f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.11.0-2%3Fdistro=trixie
6
url pkg:deb/debian/pyjwt@2.12.1-1?distro=trixie
purl pkg:deb/debian/pyjwt@2.12.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@2.12.1-1%3Fdistro=trixie
aliases CVE-2022-29217, GHSA-ffqj-6fqr-9h24, PYSEC-2022-202
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dq17-gzkv-1bdb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/pyjwt@0%3Fdistro=trixie