Skip to content
QuantumScanRelatório público de scan

Repositório

jpadilla/pyjwt

Escaneado em 13 de mai. de 2026

78

Risk score/ 100

Risco alto

Resumo

PyJWT library extensively uses quantum-vulnerable cryptographic algorithms including RSA, ECDSA (NIST P-256/384/521, secp256k1), and EdDSA across 95 identified instances. As a JWT implementation library, its core functionality relies entirely on classical public-key cryptography that will become insecure against quantum attacks, requiring comprehensive algorithm migration to maintain long-term security guarantees.

Crítico

0

Alto

95

Médio

0

Baixo

2

Principais findings

  • AltoECDSA

    tests/test_utils.py:55

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)

  • AltoECDSA

    jwt/algorithms.py:159

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)

  • AltoRSA

    jwt/algorithms.py:115

    ML-KEM (CRYSTALS-Kyber) for key encapsulation

  • AltoECDSA

    tests/test_utils.py:56

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)

  • AltoECDSA

    tests/test_utils.py:57

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)

+ 92 findings no relatório completo

Escaneie seu próprio repositório

Grátis. Resultados em ~90 segundos. CBOM + PDF DORA/NIS2 inclusos.

Começar scan grátis