[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-51744":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":24,"downstream":25,"duplicates":68,"related":69,"reserved_at":9,"published_at":342,"modified_at":343,"state":344,"summary":345,"references_raw":353,"kevs":378,"epss":379,"epss_history":382,"metrics":649,"affected":661},"CVE-2024-51744","golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they will ignore the embedded `jwt.ErrTokenSignatureInvalid` and thus potentially accept invalid tokens. A fix has been back-ported with the error handling logic from the `v5` branch to the `v4` branch. In this logic, the `ParseWithClaims` function will immediately return in \"dangerous\" situations (e.g., an invalid signature), limiting the combined errors only to situations where the signature is valid, but further validation failed (e.g., if the signature is valid, but is expired AND has the wrong audience). This fix is part of the 4.5.1 release. We are aware that this changes the behaviour of an established function and is not 100 % backwards compatible, so updating to 4.5.1 might break your code. In case you cannot update to 4.5.0, please make sure that you are properly checking for all errors (\"dangerous\" ones first), so that you are not running in the case detailed above.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-755","Improper Handling of Exceptional Conditions","The product does not handle or incorrectly handles an exceptional condition.","weakness","Incomplete","Class","Medium",[],[],[22,23],"GHSA-29wx-vh33-7x7r","GO-2024-3250",[],[26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66],{"_key":27},"OPENSUSE-SU-2024:14522-1",{"_key":29},"SUSE-SU-2025:01985-1",{"_key":31},"SUSE-SU-2025:0524-1",{"_key":33},"SUSE-SU-2024:4042-1",{"_key":35},"SUSE-SU-2025:0525-1",{"_key":37},"SUSE-SU-2025:0546-1",{"_key":39},"SUSE-SU-2025:1333-1",{"_key":41},"OPENSUSE-SU-2024:14481-1",{"_key":43},"OPENSUSE-SU-2024:14484-1",{"_key":45},"OPENSUSE-SU-2024:14495-1",{"_key":47},"OPENSUSE-SU-2024:14517-1",{"_key":49},"OPENSUSE-SU-2025:0131-1",{"_key":51},"OPENSUSE-SU-2025:14663-1",{"_key":53},"OPENSUSE-SU-2025:14768-1",{"_key":55},"OPENSUSE-SU-2025:14840-1",{"_key":57},"OPENSUSE-SU-2025:14988-1",{"_key":59},"OPENSUSE-SU-2025:20117-1",{"_key":61},"OPENSUSE-SU-2026:20099-1",{"_key":63},"DEBIAN-CVE-2024-51744",{"_key":65},"UBUNTU-CVE-2024-51744",{"_key":67},"RHSA-2026:2769",[],[70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,340],{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":89},"CGA-23VJ-H567-Q6H4",{"_key":91},"CGA-244R-G3GR-FJWJ",{"_key":93},"CGA-2CPV-9JWJ-W4W9",{"_key":95},"CGA-2JV4-Q466-68FV",{"_key":97},"CGA-2MH5-42FQ-4J9R",{"_key":99},"CGA-2Q77-CJCP-4QWH",{"_key":101},"CGA-3243-26V8-89VW",{"_key":103},"CGA-33W4-HVVH-47P7",{"_key":105},"CGA-39R6-2MCJ-QH6J",{"_key":107},"CGA-3F9X-HR64-PF72",{"_key":109},"CGA-3J2Q-XFVC-XG9C",{"_key":111},"CGA-3J6V-FQ99-QCHJ",{"_key":113},"CGA-48HG-9CHW-2R22",{"_key":115},"CGA-4CGP-MQ75-FQX5",{"_key":117},"CGA-4QVF-WJ76-46X8",{"_key":119},"CGA-4R5F-F96V-63RV",{"_key":121},"CGA-4X3W-PM5J-G8X7",{"_key":123},"CGA-5678-VQ9F-CHRX",{"_key":125},"CGA-5C85-RQQ2-4VC4",{"_key":127},"CGA-5P4X-PP9W-H59R",{"_key":129},"CGA-6326-VCVP-J59P",{"_key":131},"CGA-64RV-FHJ2-VCRG",{"_key":133},"CGA-6CH2-C49V-9RJR",{"_key":135},"CGA-6PVQ-8H7M-PP38",{"_key":137},"CGA-77MX-PH6F-2XGP",{"_key":139},"CGA-79QC-9MGM-6JW9",{"_key":141},"CGA-7C4P-7PFV-XP5R",{"_key":143},"CGA-7HQW-PW3H-MPXX",{"_key":145},"CGA-7PP9-W933-VXGJ",{"_key":147},"CGA-7W6G-7F6G-7QGG",{"_key":149},"CGA-7XRX-P9V8-H4XC",{"_key":151},"CGA-82MV-QMXV-2G79",{"_key":153},"CGA-84F8-RMC5-7WPJ",{"_key":155},"CGA-85CP-W46M-QXRM",{"_key":157},"CGA-8Q96-JXJ7-3F7C",{"_key":159},"CGA-8QF2-76CJ-7G79",{"_key":161},"CGA-8V88-9RH7-MCR9",{"_key":163},"CGA-8VPW-846P-G335",{"_key":165},"CGA-94QP-JQ9H-FVQ6",{"_key":167},"CGA-966P-84XM-7R2G",{"_key":169},"CGA-9969-64XQ-6X56",{"_key":171},"CGA-99VW-8VGQ-3GV6",{"_key":173},"CGA-9C7H-HHH2-437J",{"_key":175},"CGA-9WWF-PH9H-889C",{"_key":177},"CGA-9XV9-WC36-CRWC",{"_key":179},"CGA-C2FR-GG8P-76QH",{"_key":181},"CGA-C3GP-PVM7-2565",{"_key":183},"CGA-C94M-4VRJ-32CJ",{"_key":185},"CGA-CJ8G-9QWP-28PQ",{"_key":187},"CGA-F5MP-4F7Q-P3X3",{"_key":189},"CGA-FCQ6-4V8H-M2GW",{"_key":191},"CGA-FH5H-JRW9-CRXF",{"_key":193},"CGA-FJ5G-7F2Q-F8XR",{"_key":195},"CGA-FMVQ-25W7-HQRC",{"_key":197},"CGA-FQG5-WQ7M-QMM3",{"_key":199},"CGA-FR99-MQ7X-JPQH",{"_key":201},"CGA-FV3P-HPJC-2XJ9",{"_key":203},"CGA-GC8R-X3PC-QCW6",{"_key":205},"CGA-GHFG-W77Q-JFR4",{"_key":207},"CGA-GJ5F-7VHM-Q933",{"_key":209},"CGA-GJMX-W495-WG8C",{"_key":211},"CGA-GMMV-2GPJ-5WFP",{"_key":213},"CGA-GP62-Q3QG-J99W",{"_key":215},"CGA-GV56-JQV3-5GJ7",{"_key":217},"CGA-H39V-79WR-W67F",{"_key":219},"CGA-H3F5-HJC2-48HW",{"_key":221},"CGA-H5GM-6MQF-M4FV",{"_key":223},"CGA-H6P2-QP5C-5VW2",{"_key":225},"CGA-HG48-MGP2-XCMV",{"_key":227},"CGA-HH2F-7JV5-MRXX",{"_key":229},"CGA-HR5X-H9W2-WQ73",{"_key":231},"CGA-HXFP-53CV-P6F2",{"_key":233},"CGA-HXXV-9WWP-5JJM",{"_key":235},"CGA-J4PF-WH37-HC3H",{"_key":237},"CGA-J563-QMW6-2JHH",{"_key":239},"CGA-J63M-2P39-GFP4",{"_key":241},"CGA-J9JV-XM98-888X",{"_key":243},"CGA-J9WM-GCJJ-HPV4",{"_key":245},"CGA-JR88-69CM-P65G",{"_key":247},"CGA-JRG2-7VWV-5566",{"_key":249},"CGA-JRX7-C5JW-4697",{"_key":251},"CGA-JW5C-242M-QC3P",{"_key":253},"CGA-M6W5-987M-RQ27",{"_key":255},"CGA-MGJ8-5HXW-QJ28",{"_key":257},"CGA-MJ8X-4C3M-F6Q6",{"_key":259},"CGA-P6H7-8J4G-3WMP",{"_key":261},"CGA-P737-F9FQ-GFHP",{"_key":263},"CGA-PHCP-VMWH-XW5X",{"_key":265},"CGA-PW97-9G4P-MG7W",{"_key":267},"CGA-Q4MJ-77WH-5R6V",{"_key":269},"CGA-Q6Q4-44V3-HR3J",{"_key":271},"CGA-Q8HW-QH84-GGF2",{"_key":273},"CGA-Q9XR-HJPX-99PW",{"_key":275},"CGA-QCFJ-C3CQ-M7GM",{"_key":277},"CGA-QF9J-P3JX-H3MV",{"_key":279},"CGA-QHP2-HW25-WMCC",{"_key":281},"CGA-QR8H-RPX4-FPW9",{"_key":283},"CGA-QX87-CJQ7-X7P8",{"_key":285},"CGA-QXHJ-3J7W-F35W",{"_key":287},"CGA-R2HJ-92PW-FXGR",{"_key":289},"CGA-R343-PPF6-VH62",{"_key":291},"CGA-RCCP-8RWQ-X4C8",{"_key":293},"CGA-RF72-FMR4-632G",{"_key":295},"CGA-RHV5-5M67-PQWR",{"_key":297},"CGA-RVWP-M99M-H72V",{"_key":299},"CGA-RWF7-WWG6-QW4Q",{"_key":301},"CGA-V382-VCXM-CWMF",{"_key":303},"CGA-V38X-WGVP-GPWP",{"_key":305},"CGA-V57J-RR3P-2GG5",{"_key":307},"CGA-V79W-RMM7-C9H5",{"_key":309},"CGA-V82R-R59H-MXQ8",{"_key":311},"CGA-V9C4-5W2V-W84G",{"_key":313},"CGA-VC76-34CC-8MC6",{"_key":315},"CGA-VGRV-Q4R4-C3XH",{"_key":317},"CGA-VPH6-VRC3-MF28",{"_key":319},"CGA-VRCP-F2Q7-85C2",{"_key":321},"CGA-VWRC-F7GG-8QJ6",{"_key":323},"CGA-W4CJ-9RHF-GVMF",{"_key":325},"CGA-WQJX-742R-W8PF",{"_key":327},"CGA-WV7M-7W62-684J",{"_key":329},"CGA-X238-F3P7-73PC",{"_key":331},"CGA-X5VR-4RJX-26QH",{"_key":333},"CGA-XC73-GF4W-4GX8",{"_key":335},"CGA-XFW4-V8M5-9MX4",{"_key":337},"CGA-XG8H-CG55-JQRF",{"_key":339},"CGA-XGGG-888P-8GGX",{"_key":341},"CGA-C7XM-4MWH-V73X","2024-11-04T21:47:12.170Z","2024-11-05T16:11:42.243Z","Deferred",{"cisa_kev":346,"cisa_ransomware":346,"cisa_vendor":9,"epss_severity":347,"epss_score":348,"severity":347,"severity_score":349,"severity_version":350,"severity_source":351,"severity_vector":352,"severity_status":344},false,"low",0.0006,3.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",[354,363,369,373],{"url":355,"sources":356,"tags":359},"https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r",[351,357,358],"nvd","osv_go",[360,361,362],"X Refsource CONFIRM","WEB","Advisory",{"url":364,"sources":365,"tags":366},"https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c",[351,357,358],[367,361,368],"X Refsource MISC","FIX",{"url":370,"sources":371,"tags":372},"https://nvd.nist.gov/vuln/detail/CVE-2024-51744",[358],[362],{"url":374,"sources":375,"tags":376},"https://github.com/golang-jwt/jwt",[358],[377],"PACKAGE",[],{"date":380,"score":348,"percentile":381},"2026-06-04",0.18984,[383,387,390,393,396,399,402,405,408,411,414,417,420,423,426,430,433,436,440,442,445,448,451,454,457,459,462,465,468,471,474,477,480,483,486,489,492,495,498,501,505,508,511,514,517,520,523,526,529,532,535,538,541,544,546,549,552,555,558,561,564,567,570,573,575,578,580,583,585,588,591,594,597,600,603,606,608,611,614,617,620,623,626,629,632,634,637,640,643,646],{"date":384,"score":385,"percentile":386},"2025-11-04",0.00027,0.06328,{"date":388,"score":385,"percentile":389},"2025-11-05",0.06353,{"date":391,"score":385,"percentile":392},"2025-11-06",0.06464,{"date":394,"score":385,"percentile":395},"2025-11-07",0.06474,{"date":397,"score":385,"percentile":398},"2025-11-08",0.06473,{"date":400,"score":385,"percentile":401},"2025-11-09",0.06459,{"date":403,"score":385,"percentile":404},"2025-11-10",0.06435,{"date":406,"score":385,"percentile":407},"2025-11-11",0.06462,{"date":409,"score":385,"percentile":410},"2025-11-12",0.06498,{"date":412,"score":385,"percentile":413},"2025-11-13",0.06535,{"date":415,"score":385,"percentile":416},"2025-11-14",0.06561,{"date":418,"score":385,"percentile":419},"2025-11-15",0.0659,{"date":421,"score":385,"percentile":422},"2025-11-16",0.06606,{"date":424,"score":385,"percentile":425},"2025-11-17",0.06604,{"date":427,"score":428,"percentile":429},"2025-11-18",0.00198,0.3744,{"date":431,"score":428,"percentile":432},"2025-11-19",0.37449,{"date":434,"score":428,"percentile":435},"2025-11-20",0.37442,{"date":437,"score":438,"percentile":439},"2025-11-21",0.00028,0.06848,{"date":441,"score":438,"percentile":439},"2025-11-22",{"date":443,"score":438,"percentile":444},"2025-11-23",0.06841,{"date":446,"score":385,"percentile":447},"2025-11-24",0.06679,{"date":449,"score":385,"percentile":450},"2025-11-25",0.06678,{"date":452,"score":385,"percentile":453},"2025-11-26",0.0669,{"date":455,"score":385,"percentile":456},"2025-11-27",0.06689,{"date":458,"score":385,"percentile":450},"2025-11-28",{"date":460,"score":385,"percentile":461},"2025-11-29",0.06719,{"date":463,"score":385,"percentile":464},"2025-11-30",0.06714,{"date":466,"score":385,"percentile":467},"2025-12-01",0.06757,{"date":469,"score":385,"percentile":470},"2025-12-02",0.06769,{"date":472,"score":385,"percentile":473},"2025-12-03",0.06786,{"date":475,"score":385,"percentile":476},"2025-12-04",0.06762,{"date":478,"score":385,"percentile":479},"2025-12-05",0.06809,{"date":481,"score":385,"percentile":482},"2025-12-06",0.06819,{"date":484,"score":385,"percentile":485},"2025-12-07",0.06818,{"date":487,"score":385,"percentile":488},"2025-12-08",0.06822,{"date":490,"score":385,"percentile":491},"2025-12-09",0.06874,{"date":493,"score":385,"percentile":494},"2025-12-10",0.06944,{"date":496,"score":385,"percentile":497},"2025-12-11",0.0696,{"date":499,"score":385,"percentile":500},"2025-12-12",0.06967,{"date":502,"score":503,"percentile":504},"2025-12-13",0.00044,0.13574,{"date":506,"score":503,"percentile":507},"2025-12-14",0.1355,{"date":509,"score":503,"percentile":510},"2025-12-15",0.13515,{"date":512,"score":503,"percentile":513},"2025-12-16",0.13523,{"date":515,"score":503,"percentile":516},"2025-12-17",0.13622,{"date":518,"score":503,"percentile":519},"2025-12-18",0.13681,{"date":521,"score":503,"percentile":522},"2025-12-19",0.13726,{"date":524,"score":503,"percentile":525},"2025-12-20",0.13715,{"date":527,"score":503,"percentile":528},"2025-12-21",0.13676,{"date":530,"score":503,"percentile":531},"2025-12-22",0.13629,{"date":533,"score":503,"percentile":534},"2025-12-23",0.13627,{"date":536,"score":503,"percentile":537},"2025-12-24",0.13625,{"date":539,"score":503,"percentile":540},"2025-12-25",0.13696,{"date":542,"score":503,"percentile":543},"2025-12-26",0.1366,{"date":545,"score":503,"percentile":543},"2025-12-27",{"date":547,"score":503,"percentile":548},"2025-12-28",0.13634,{"date":550,"score":503,"percentile":551},"2025-12-29",0.13529,{"date":553,"score":503,"percentile":554},"2025-12-30",0.13538,{"date":556,"score":503,"percentile":557},"2025-12-31",0.136,{"date":559,"score":503,"percentile":560},"2026-01-01",0.13671,{"date":562,"score":503,"percentile":563},"2026-01-02",0.13659,{"date":565,"score":503,"percentile":566},"2026-01-03",0.13624,{"date":568,"score":503,"percentile":569},"2026-01-04",0.13548,{"date":571,"score":503,"percentile":572},"2026-01-05",0.13504,{"date":574,"score":503,"percentile":510},"2026-01-06",{"date":576,"score":503,"percentile":577},"2026-01-07",0.13552,{"date":579,"score":503,"percentile":557},"2026-01-08",{"date":581,"score":503,"percentile":582},"2026-01-09",0.1361,{"date":584,"score":503,"percentile":534},"2026-01-10",{"date":586,"score":503,"percentile":587},"2026-01-11",0.13556,{"date":589,"score":503,"percentile":590},"2026-01-12",0.13524,{"date":592,"score":503,"percentile":593},"2026-01-13",0.13497,{"date":595,"score":503,"percentile":596},"2026-01-14",0.13555,{"date":598,"score":503,"percentile":599},"2026-01-15",0.13553,{"date":601,"score":503,"percentile":602},"2026-01-16",0.13597,{"date":604,"score":503,"percentile":605},"2026-01-17",0.13613,{"date":607,"score":503,"percentile":554},"2026-01-18",{"date":609,"score":503,"percentile":610},"2026-01-19",0.13476,{"date":612,"score":503,"percentile":613},"2026-01-20",0.13456,{"date":615,"score":503,"percentile":616},"2026-01-21",0.13441,{"date":618,"score":503,"percentile":619},"2026-01-22",0.134,{"date":621,"score":503,"percentile":622},"2026-01-23",0.13481,{"date":624,"score":503,"percentile":625},"2026-01-24",0.13525,{"date":627,"score":503,"percentile":628},"2026-01-25",0.13472,{"date":630,"score":503,"percentile":631},"2026-01-26",0.13402,{"date":633,"score":503,"percentile":619},"2026-01-27",{"date":635,"score":503,"percentile":636},"2026-01-28",0.13407,{"date":638,"score":503,"percentile":639},"2026-01-29",0.13388,{"date":641,"score":503,"percentile":642},"2026-01-30",0.13397,{"date":644,"score":503,"percentile":645},"2026-01-31",0.13405,{"date":647,"score":503,"percentile":648},"2026-02-01",0.13414,[650,655,657],{"source":351,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":651,"cvss_v4_0":9},{"baseScore":349,"baseSeverity":652,"vectorString":352,"impactScore":653,"exploitabilityScore":654},"LOW",2.3,4.1,{"source":357,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":656,"cvss_v4_0":9},{"baseScore":349,"baseSeverity":652,"vectorString":352,"impactScore":653,"exploitabilityScore":654},{"source":358,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":658,"cvss_v4_0":659},{"baseScore":349,"baseSeverity":9,"vectorString":352,"impactScore":653,"exploitabilityScore":654},{"baseScore":653,"baseSeverity":9,"vectorString":660,"impactScore":9,"exploitabilityScore":9},"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",[662,672],{"ecosystem":9,"name":663,"vendor":664,"product":663,"cpe_part":665,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":666},"jwt","golang-jwt","a",[667],{"version":668,"is_range":669,"range_type":351,"version_start":9,"version_start_type":9,"version_end":670,"version_end_type":671,"fixed_in":9},"\u003C 4.5.1",true,"4.5.1","excluding",{"ecosystem":673,"name":674,"vendor":675,"product":676,"cpe_part":9,"purl_type":677,"purl_namespace":675,"purl_name":676,"source":9,"versions":678},"Go","github.com/golang-jwt/jwt/v4","github.com/golang-jwt/jwt","v4","golang",[679],{"version":680,"is_range":669,"range_type":681,"version_start":9,"version_start_type":9,"version_end":670,"version_end_type":671,"fixed_in":9},"lt4_5_1","semver"]