pyjwt is vulnerable to authentication bypass. The library permits an attacker submitting a JWT token to choose which algorithms are used when signing in, enabling non-blocklisted, but weak public key formats to be supported in the authentication process.Read More