SB2026052164 - Multiple vulnerabilities in pyjwt
Published: May 21, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 vulnerabilities.
1) Improper Verification of Cryptographic Signature (CVE-ID: N/A)
CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to bypass algorithm policy enforcement.
The vulnerability exists due to improper verification of cryptographic signature in the PyJWK verification path when decoding JWTs with PyJWK or PyJWKClient-derived keys. A remote user can sign a token with a disallowed algorithm while advertising an allowed algorithm in the JWT header to bypass algorithm policy enforcement.
Exploitation requires control of a registered JWK or JWKS private key, such as in multi-tenant or federation-style trust models.
2) Server-Side Request Forgery (SSRF) (CVE-ID: N/A)
CWE-ID: CWE-918 - Server-Side Request Forgery (SSRF)
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to server-side request forgery in PyJWKClient when processing attacker-influenced JKU URLs. A remote attacker can supply a URL using the file://, ftp://, or data: scheme to disclose sensitive information.
User interaction is required, and exploitation depends on an application passing an attacker-influenced jku value to PyJWKClient.
3) Externally Controlled Reference to a Resource in Another Sphere (CVE-ID: N/A)
CWE-ID: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to forge tokens.
The vulnerability exists due to improper restriction of externally controlled reference in PyJWKClient when processing attacker-influenced JKU URLs. A remote attacker can point the JKU URL to an attacker-controlled JWK Set to forge tokens.
This attack chain requires additional application-layer flaws, including attacker write access to the referenced path and untrusted jku derivation.
4) Improper Cleanup on Thrown Exception (CVE-ID: N/A)
CWE-ID: CWE-460 - Improper Cleanup on Thrown Exception
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper cleanup on thrown exception in PyJWKClient.get_signing_key() and fetch_data() when processing JWTs with attacker-controlled unknown kid values and JWKS fetch failures. A remote attacker can send JWTs with unknown kid values to cause a denial of service.
The issue can reduce authentication availability until the next successful JWKS fetch, and the outcome depends on upstream JWKS endpoint behavior such as rate limiting or transient errors.
5) Resource exhaustion (CVE-ID: N/A)
CWE-ID: CWE-400 - Resource exhaustion
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to uncontrolled resource consumption in PyJWS.decode(), PyJWS.decode_complete(), and _load() in jwt/api_jws.py when verifying detached JWS tokens with the unencoded-payload option (b64=false). A remote attacker can send a specially crafted JWS token with an oversized Base64URL payload segment to cause a denial of service.
Practical impact depends on whether upstream components enforce request body-size limits.
6) Improper Verification of Cryptographic Signature (CVE-ID: N/A)
CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to forge JWT tokens and impersonate users.
The vulnerability exists due to improper verification of cryptographic signature in the JWT verification logic when decoding JSON Web Tokens with both symmetric and asymmetric algorithms enabled and a raw JSON Web Key supplied as the key. A remote attacker can supply a token that specifies HS256 and sign it using the issuer public JWK as the HMAC secret to forge JWT tokens and impersonate users.
Exploitation requires the verifier to allow HS* and an asymmetric algorithm in the same call and to pass a public-key value as the key.
Remediation
Install update from vendor's website.
References
- https://github.com/jpadilla/pyjwt/security/advisories/GHSA-jq35-7prp-9v3f
- https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4
- https://github.com/jpadilla/pyjwt/security/advisories/GHSA-fhv5-28vv-h8m8
- https://github.com/jpadilla/pyjwt/security/advisories/GHSA-w7vc-732c-9m39
- https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx