Ubuntu 25.10 PyJWT Important Access Check Flaw USN-8133-1
ubuntu
March 30, 2026
PyJWT could allow unintended access to network services.
Summary
PyJWT could allow unintended access to network services.
Software Description:
- pyjwt: Python 3 implementation of JSON Web Token
Details:
It was discovered that PyJWT did not validate the critical header
parameter, contrary to the RFC specification expectations. A remote
attacker could possibly use this issue to bypass certain authentication
checks and restrictions.
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
python3-jwt 2.10.1-2ubuntu0.1
Ubuntu 24.04 LTS
python3-jwt 2.7.0-1ubuntu0.1
Ubuntu 22.04 LTS
python3-jwt 2.3.0-1ubuntu0.3
Ubuntu 20.04 LTS
python3-jwt 1.7.1-2ubuntu2.1+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
python-jwt 1.5.3+ds1-1ubuntu0.1+esm1
Available with Ubuntu Pro
python3-jwt 1.5.3+ds1-1ubuntu0.1+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
python-jwt 1.3.0-1ubuntu0.1+esm1
Available with Ubuntu Pro
python3-jwt 1.3.0-1ubuntu0.1+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.References
https://ubuntu.com/security/notices/USN-8133-1
CVE-2026-32597
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-8133-1
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!