mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-02-05 23:30:17 +00:00
Code Issues Projects Releases Wiki Activity

python3-pyjwt: ignore CVE-2025-45768

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-45768

The CVE is disputed: though the vulnerability is there, but it comes
from incorrect configuration of the library by the main application.

Due to this, ignore this CVE.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Gyorgy Sarvari
2026-02-02 17:37:12 +01:00
committed by Khem Raj
parent 2865b67e29
commit 3988e13c0a
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
meta-python/recipes-devtools/python/python3-pyjwt_2.10.1.bb
View File

@@ -9,6 +9,8 @@ SRC_URI[sha256sum] = "3cc5772eb20009233caf06e9d8a0577824723b44e6648ee0a2aedb6cf9
PYPI_PACKAGE = "pyjwt"
CVE_PRODUCT = "pyjwt"
CVE_STATUS[CVE-2025-45768] = "disputed: vulnerability can be avoided if the library is used correctly"
inherit pypi python_setuptools_build_meta
RDEPENDS:${PN} = "\