CNNVD-202507-3956 Information

CNNVD ID

CNNVD-202507-3956

Related CVE

CVE-2025-45768

• CNNVD Published: 2025-07-31

Description (Chinese)

pyjwt是美国José Padilla个人开发者的一个 Python 库。允许对 JSON Web 令牌（JWT）进行编码和解码。 pyjwt v2.10.1版本存在安全漏洞，该漏洞源于存在弱加密问题。

Description (English)

Pyjwt is a Python library of individual developers of José Padilla in the United States. Allows coding and decoding of JSON Web tokens (JWT). There is a security loophole in version pyjwt v2.1, which stems from weak encryption problems.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-07-31

Last Modified

2026-02-24

References

https://github.com/jpadilla/pyjwt https://gist.github.com/ZupeiNie/6f65e564f2067b876321d3dfdbb76569