[Git][security-tracker-team/security-tracker][master] Add new pyjwt issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 29 05:57:47 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
738e3a98 by Salvatore Bonaccorso at 2026-05-29T06:57:23+02:00
Add new pyjwt issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -127,15 +127,20 @@ CVE-2026-49237 (An issue was discovered in Canonical Multipass for macOS before
 CVE-2026-48735 (pypdf is a free and open-source pure-python PDF library. Prior to 6.12 ...)
 	TODO: check
 CVE-2026-48526 (PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, w ...)
-	TODO: check
+	- pyjwt <unfixed>
+	NOTE: https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx
 CVE-2026-48525 (PyJWT is a JSON Web Token implementation in Python. From 2.8.0 to 2.12 ...)
-	TODO: check
+	- pyjwt <unfixed>
+	NOTE: https://github.com/jpadilla/pyjwt/security/advisories/GHSA-w7vc-732c-9m39
 CVE-2026-48524 (PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, P ...)
-	TODO: check
+	- pyjwt <unfixed>
+	NOTE: https://github.com/jpadilla/pyjwt/security/advisories/GHSA-fhv5-28vv-h8m8
 CVE-2026-48523 (PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12 ...)
-	TODO: check
+	- pyjwt <unfixed>
+	NOTE: https://github.com/jpadilla/pyjwt/security/advisories/GHSA-jq35-7prp-9v3f
 CVE-2026-48522 (PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, P ...)
-	TODO: check
+	- pyjwt <unfixed>
+	NOTE: https://github.com/jpadilla/pyjwt/security/advisories/GHSA-993g-76c3-p5m4
 CVE-2026-48156 (pypdf is a free and open-source pure-python PDF library. Prior to 6.12 ...)
 	TODO: check
 CVE-2026-48155 (pypdf is a free and open-source pure-python PDF library. Prior to 6.12 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/738e3a98fa611ac3b43e86e52a426b6268302d03

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/738e3a98fa611ac3b43e86e52a426b6268302d03
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260529/44039437/attachment.htm>

More information about the debian-security-tracker-commits mailing list