Filtered by vendor Kelvin Mo
Subscriptions
Filtered by product Simplejwt
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33204 | 1 Kelvin Mo | 1 Simplejwt | 2026-03-23 | 7.5 High |
| SimpleJWT is a simple JSON web token library written in PHP. Prior to version 1.1.1, an unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used. Applications that call JWE::decrypt() on attacker-controlled JWEs using PBES2 algorithms are affected. This issue has been patched in version 1.1.1. | ||||
Page 1 of 1.