Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/51306?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51306?format=api", "vulnerability_id": "VCID-35nm-u4sh-nugf", "summary": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.get_signing_key() forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited outbound requests. The vulnerability surfaces only when a JWKS fetch fails; an attacker can attempt to provoke that with sustained unknown-kid traffic, but the outcome depends on upstream JWKS-endpoint behavior (rate limiting, transient errors) which is beyond the attacker's control. This vulnerability is fixed in 2.13.0.", "aliases": [ { "alias": "CVE-2026-48524" }, { "alias": "GHSA-fhv5-28vv-h8m8" }, { "alias": "PYSEC-2026-177" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75267?format=api", "purl": "pkg:pypi/pyjwt@2.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.13.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/10223?format=api", "purl": "pkg:pypi/pyjwt@0.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10224?format=api", "purl": "pkg:pypi/pyjwt@0.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10225?format=api", "purl": "pkg:pypi/pyjwt@0.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/10226?format=api", "purl": "pkg:pypi/pyjwt@0.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/10227?format=api", "purl": "pkg:pypi/pyjwt@0.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/10228?format=api", "purl": "pkg:pypi/pyjwt@0.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/10229?format=api", "purl": "pkg:pypi/pyjwt@0.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/10230?format=api", "purl": "pkg:pypi/pyjwt@0.1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/10231?format=api", "purl": "pkg:pypi/pyjwt@0.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/10232?format=api", "purl": "pkg:pypi/pyjwt@0.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10233?format=api", "purl": "pkg:pypi/pyjwt@0.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10234?format=api", "purl": "pkg:pypi/pyjwt@0.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/10235?format=api", "purl": "pkg:pypi/pyjwt@0.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10236?format=api", "purl": "pkg:pypi/pyjwt@0.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10237?format=api", "purl": "pkg:pypi/pyjwt@0.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10238?format=api", "purl": "pkg:pypi/pyjwt@0.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10239?format=api", "purl": "pkg:pypi/pyjwt@0.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10240?format=api", "purl": "pkg:pypi/pyjwt@0.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10241?format=api", "purl": "pkg:pypi/pyjwt@0.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-tarz-9jbb-13ea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@0.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/10242?format=api", "purl": "pkg:pypi/pyjwt@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10243?format=api", "purl": "pkg:pypi/pyjwt@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10244?format=api", "purl": "pkg:pypi/pyjwt@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10245?format=api", "purl": "pkg:pypi/pyjwt@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10246?format=api", "purl": "pkg:pypi/pyjwt@1.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10247?format=api", "purl": "pkg:pypi/pyjwt@1.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/10248?format=api", "purl": "pkg:pypi/pyjwt@1.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/10249?format=api", "purl": "pkg:pypi/pyjwt@1.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-d2zq-ad9y-ubbs" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/10250?format=api", "purl": "pkg:pypi/pyjwt@1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/27745?format=api", "purl": "pkg:pypi/pyjwt@1.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/27746?format=api", "purl": "pkg:pypi/pyjwt@1.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/27747?format=api", "purl": "pkg:pypi/pyjwt@1.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/27748?format=api", "purl": "pkg:pypi/pyjwt@1.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/27749?format=api", "purl": "pkg:pypi/pyjwt@1.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/27750?format=api", "purl": "pkg:pypi/pyjwt@1.6.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/27751?format=api", "purl": "pkg:pypi/pyjwt@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/27752?format=api", "purl": "pkg:pypi/pyjwt@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@1.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/27753?format=api", "purl": "pkg:pypi/pyjwt@2.0.0a1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.0.0a1" }, { "url": "http://public2.vulnerablecode.io/api/packages/27754?format=api", "purl": "pkg:pypi/pyjwt@2.0.0a2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.0.0a2" }, { "url": "http://public2.vulnerablecode.io/api/packages/27755?format=api", "purl": "pkg:pypi/pyjwt@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/27756?format=api", "purl": "pkg:pypi/pyjwt@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/27757?format=api", "purl": "pkg:pypi/pyjwt@2.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/27758?format=api", "purl": "pkg:pypi/pyjwt@2.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/27759?format=api", "purl": "pkg:pypi/pyjwt@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-pfq1-5wrt-a3cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/27760?format=api", "purl": "pkg:pypi/pyjwt@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48747?format=api", "purl": "pkg:pypi/pyjwt@2.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48748?format=api", "purl": "pkg:pypi/pyjwt@2.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48749?format=api", "purl": "pkg:pypi/pyjwt@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:pypi/pyjwt@2.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-c1pr-7t6u-hkcr" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48751?format=api", "purl": "pkg:pypi/pyjwt@2.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-c1pr-7t6u-hkcr" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-hqrd-7f5d-nbh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:pypi/pyjwt@2.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-c1pr-7t6u-hkcr" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-hqrd-7f5d-nbh1" }, { "vulnerability": "VCID-v78m-eyzf-abae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:pypi/pyjwt@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-c1pr-7t6u-hkcr" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-hqrd-7f5d-nbh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:pypi/pyjwt@2.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-c1pr-7t6u-hkcr" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-gptc-c34t-g3e4" }, { "vulnerability": "VCID-hqrd-7f5d-nbh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:pypi/pyjwt@2.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-c1pr-7t6u-hkcr" }, { "vulnerability": "VCID-cdtk-hczs-jud3" }, { "vulnerability": "VCID-hqrd-7f5d-nbh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/75266?format=api", "purl": "pkg:pypi/pyjwt@2.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2n5t-qfqc-mfbv" }, { "vulnerability": "VCID-35nm-u4sh-nugf" }, { "vulnerability": "VCID-c1pr-7t6u-hkcr" }, { "vulnerability": "VCID-cdtk-hczs-jud3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/pyjwt@2.12.1" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48524.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48524.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-48524", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18118", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-48524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48524" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-fhv5-28vv-h8m8", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T19:16:33Z/" } ], "url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-fhv5-28vv-h8m8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138191", "reference_id": "1138191", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138191" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482733", "reference_id": "2482733", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482733" } ], "weaknesses": [ { "cwe_id": 770, "name": "Allocation of Resources Without Limits or Throttling", "description": "The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor." }, { "cwe_id": 460, "name": "Improper Cleanup on Thrown Exception", "description": "The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow." }, { "cwe_id": 755, "name": "Improper Handling of Exceptional Conditions", "description": "The product does not handle or incorrectly handles an exceptional condition." } ], "exploits": [], "severity_range_score": "3.7 - 5.9", "exploitability": "0.5", "weighted_severity": "5.3", "risk_score": 2.6, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35nm-u4sh-nugf" }