Product
emarref jwt
4 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-45770
CVE-2021-41106
CVE-2016-7037
CVE-2015-2951
<= 5.4.3
jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expecte
>= 3.4.0 and < 3.4.6
JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-base
<= 1.0.2
The verify function in Encryption/Symmetric.php in Malcolm Fell jwt before 1.0.3 does not use a timing-safe function for hash comp
<= 1.0
JWT.php in F21 JWT before 2.0 allows remote attackers to bypass signature verification via crafted tokens.