CVE-2025-45770 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application,…
High CVSS: 7.0

CVE-2025-45770

jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record.
Vendor
Jwt Project
Product
Jwt
CWE
CWE-326
Yayın Tarihi
2025-07-31 20:15:33
Güncelleme
2025-08-17 04:15:40
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-326 Jwt HIGH Jwt Project 2025

Referanslar

https://gist.github.com/ZupeiNie/cd88c827eef11a1618f8baacccd240fb https://github.com/lcobucci https://github.com/lcobucci/jwt