[GHSA-993g-76c3-p5m4] PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes #7931
Triggered via pull request
July 7, 2026 06:37
shaked-seal
opened
#8521
Status
Success
Total duration
1m 11s
Artifacts
–
create_staging_branch.yaml
on: pull_request_target
ensure-base-is-staging
1m 8s