VYPR
Medium severity6.5NVD Advisory· Published Jul 31, 2025· Updated Jun 17, 2026

CVE-2025-45769

CVE-2025-45769

Description

php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
firebase/php-jwtPackagist
< 7.0.07.0.0

Affected products

6

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.