Repository
jpadilla/pyjwt
Scanned on May 11, 2026
Risk score/ 100
High risk
Summary
PyJWT library exhibits high quantum vulnerability with 95 instances of quantum-susceptible algorithms including RSA, ECDSA (NIST P-256/384/521), and Ed25519. As a widely-used JWT implementation library, migration to post-quantum cryptography is critical to protect token integrity against future quantum attacks. The library's core cryptographic infrastructure requires comprehensive redesign to support NIST-approved PQC algorithms.
0
95
0
2
Top findings
- High: NIST P-521 curve
  jwt/algorithms.py:162
- High: ECDSA
  jwt/api_jwk.py:45
  ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)
- High: RSA
  tests/keys/__init__.py:48
  ML-KEM (CRYSTALS-Kyber) for key encapsulation
- High: ECDSA
  tests/test_api_jws.py:218
  ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)
- High: PKCS#1 (RSA-based)
  tests/test_algorithms.py:80
+ 92 findings in the full report