Skip to content

Commit a8d7014

Browse files
claudeclaude
committed
Patch CVE-2026-30922 (pyasn1) and CVE-2026-32597 (PyJWT)
Bumps pyasn1 0.6.2 -> 0.6.3 (DoS via unbounded recursion in ASN.1 decoding) and PyJWT 2.10.1 -> 2.12.1 (crit header validation per RFC 7515 section 4.1.11). https://claude.ai/code/session_01SV4gG9ivBP5LNEhydEtwtc
1 parent 8f068b2 commit a8d7014

2 files changed

Lines changed: 15 additions & 12 deletions

File tree

poetry.lock

Lines changed: 14 additions & 11 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ cryptography = {version = "46.0.5", python = ">=3.9.2,<3.13"}
1717
dpath = "^2.0.5"
1818
pydantic = "^1.0"
1919
slack-sdk = "^3"
20-
pyjwt = "^2.4.0"
20+
pyjwt = "^2.12.0"
2121
requests = "^2.32.2"
2222
certifi = "2024.7.4"
2323
types-toml = "^0.10.2"

0 commit comments

Comments
 (0)