`github.com/golang-jwt/jwt/v4`

Ecosystem:
go

Package URL:
pkg:golang/github.com/golang-jwt/jwt/v4

Total PRs:
584 Dependabot PRs

Latest PR:
1 day ago

Unique Repositories:
451 repositories

Unique Repos (30 days):
6 repositories

Security Advisories

jwt-go allows excessive memory allocation during header parsing

GHSA-mh63-6h87-95cp CVE-2025-30204 HIGH published 7 months ago • updated 2 months ago

### Summary Function [`parse.ParseUnverified`](https://github.com/golang-jwt/jwt/blob/c035977d9e11c351f4c05dfeae193923cbab49ee/parser.go#L138-L139...

Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations

GHSA-29wx-vh33-7x7r CVE-2024-51744 LOW published 12 months ago • updated 3 months ago

### Summary Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors...

Recent PRs (filtered by: Minor PRs )

RSS Feed Clear filter

Bump github.com/golang-jwt/jwt/v4 from 4.4.3 to 4.5.0

lockboxauth/tokens #42

4.4.3 → 4.5.0 Minor PR

Closed over 2 years ago

Package Details

Name:	`github.com/golang-jwt/jwt/v4`
Ecosystem:	go
PURL Type:	golang
Package URL:	`pkg:golang/github.com/golang-jwt/jwt/v4`
JSON API:	View JSON

Security Advisories

2

Active advisories

HIGH 1

LOW 1

View All golang Advisories

Package Information

Description:

Package jwt is a Go implementation of JSON Web Tokens: http://self-issued.info/docs/draft-jones-json-web-token.html See README.md for more info.

Repository:	https://github.com/golang-jwt/jwt
Homepage:	https://github.com/golang-jwt/jwt
Latest Release:	`v4.5.2` 7 months ago
Dependent Repos:	22,852
Dependent Packages:	15,582
Ranking:	Top 0.0419% by dependent repos Top 0.0195% by dependent pkgs

PR Status

Open 271 (46.4%)

Merged 105 (18.0%)

Closed 150 (25.7%)

PR Types

Minor 101 (17.3%)

Patch 425 (72.8%)