Skip to content
QuantumScanRelatório público de scan

Repositório

jpadilla/pyjwt

Escaneado em 5 de jun. de 2026

73

Risk score/ 100

Risco alto

Resumo

PyJWT library relies heavily on quantum-vulnerable cryptographic algorithms including ECDSA (multiple NIST curves and secp256k1) and RSA for JWT signing operations. With 90 high-severity findings across cryptographic implementation files, the library faces significant post-quantum security risks that will impact all downstream applications using JWT authentication.

Crítico

0

Alto

90

Médio

0

Baixo

2

Principais findings

  • AltoECDSA

    jwt/algorithms.py:41

    ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)

  • AltoNIST P-256 curve

    jwt/algorithms.py:43

    ML-KEM or ML-DSA

  • AltoNIST P-384 curve

    jwt/algorithms.py:44

    ML-KEM or ML-DSA

  • AltoNIST P-521 curve

    jwt/algorithms.py:45

  • AltoElliptic Curve Cryptography

    jwt/algorithms.py:46

+ 87 findings no relatório completo

Escaneie seu próprio repositório

Grátis. Resultados em ~90 segundos. CBOM + PDF DORA/NIS2 inclusos.

Começar scan grátis