Security Advisories - kelvinmo/simplejwt - Packagist.org

kelvinmo/simplejwt Security Advisories for 1.0.x-dev (1)

[HIGH] SimpleJWT has an Unauthenticated Denial of Service via JWE header tampering

PKSA-njxg-bvx9-65t2 CVE-2026-33204 GHSA-xw36-67f8-339x

Affected version: <=1.1.0

Reported by:
GitHub