Skip to main content

Scitokens

2 CVEs product

Monthly

CVE-2026-32727 PyPI HIGH PATCH GHSA This Week

Path traversal in SciTokens library (all versions before 1.9.7) allows authenticated attackers to bypass directory access restrictions and access unauthorized files. Attackers can inject dot-dot-slash sequences (..) into JWT scope claims to escape intended authorization boundaries due to improper path normalization during enforcement checks. CVSS 8.1 (High) with network attack vector and low complexity. EPSS data not available; no confirmed active exploitation (CISA KEV) identified at time of analysis, though publicly available exploit code exists via GitHub advisory and commit references.

Path Traversal Scitokens
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-32716 PyPI HIGH PATCH GHSA This Week

Authorization bypass in SciTokens library (versions prior to 1.9.6) allows authenticated users with valid tokens scoped to specific paths to access unintended sibling paths through flawed prefix-matching validation logic. An attacker with a token for '/john' can access '/johnathan' or '/johnny' due to incorrect string prefix validation in the Enforcer component, enabling unauthorized data access and modification (CVSS 8.1, High integrity/confidentiality impact). No public exploit identified at time of analysis, though the vulnerability is straightforward to exploit with valid credentials (EPSS data not provided, CVSS complexity rated Low).

Authentication Bypass Scitokens
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Path traversal in SciTokens library (all versions before 1.9.7) allows authenticated attackers to bypass directory access restrictions and access unauthorized files. Attackers can inject dot-dot-slash sequences (..) into JWT scope claims to escape intended authorization boundaries due to improper path normalization during enforcement checks. CVSS 8.1 (High) with network attack vector and low complexity. EPSS data not available; no confirmed active exploitation (CISA KEV) identified at time of analysis, though publicly available exploit code exists via GitHub advisory and commit references.

Path Traversal Scitokens
NVD GitHub VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Authorization bypass in SciTokens library (versions prior to 1.9.6) allows authenticated users with valid tokens scoped to specific paths to access unintended sibling paths through flawed prefix-matching validation logic. An attacker with a token for '/john' can access '/johnathan' or '/johnny' due to incorrect string prefix validation in the Enforcer component, enabling unauthorized data access and modification (CVSS 8.1, High integrity/confidentiality impact). No public exploit identified at time of analysis, though the vulnerability is straightforward to exploit with valid credentials (EPSS data not provided, CVSS complexity rated Low).

Authentication Bypass Scitokens
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy