Kelvinmo

kelvinmo

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Simplejwt

simplejwt

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-33204 1Kelvinmo 1Simplejwt Apr 10, 2026 Mar 20, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 SimpleJWT is a simple JSON web token library written in PHP. Prior to version 1.1.1, an unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used. Applications that...Show more SimpleJWT is a simple JSON web token library written in PHP. Prior to version 1.1.1, an unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used. Applications that call JWE::decrypt() on attacker-controlled JWEs using PBES2 algorithms are affected. This issue has been patched in version 1.1.1.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2026-33204

1Kelvinmo

1Simplejwt

Apr 10, 2026

Mar 20, 2026

N/A· v4

7.5 HIGH· v3

N/A· v2

SimpleJWT is a simple JSON web token library written in PHP. Prior to version 1.1.1, an unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used. Applications that call JWE::decrypt() on attacker-controlled JWEs using PBES2 algorithms are affected. This issue has been patched in version 1.1.1.Show less