VYPR

Packagist (Composer) package

kelvinmo/simplejwt

pkg:composer/kelvinmo/simplejwt

Vulnerabilities (1)

  • CVE-2026-33204HigMar 20, 2026
    affected < 1.1.1fixed 1.1.1

    SimpleJWT is a simple JSON web token library written in PHP. Prior to version 1.1.1, an unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used. Applications that call JWE::decrypt() on attacker-controlled JWEs using PBES2