{"id":"GO-2025-3553","summary":"Excessive memory allocation during header parsing in github.com/golang-jwt/jwt","details":"Excessive memory allocation during header parsing in github.com/golang-jwt/jwt","aliases":["CVE-2025-30204","GHSA-mh63-6h87-95cp"],"modified":"2026-02-04T04:02:07.286187Z","published":"2025-03-26T17:24:24Z","related":["CGA-mpmq-7q6x-72g6","RHSA-2025:3344","RHSA-2025:3411","RHSA-2025:3616","RHSA-2025:3618","RHSA-2025:3698","RHSA-2025:4462","RHSA-2025:4569","RHSA-2025:4669","RHSA-2025:7404","RHSA-2025:7407","RHSA-2025:7425","RHSA-2025:7475","RHSA-2025:7479","RHSA-2025:7503","RHSA-2025:7967","RHSA-2025:8075","RHSA-2025:8267","RHSA-2026:1536"],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2025-3553","review_status":"REVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"},{"type":"FIX","url":"https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"}],"affected":[{"package":{"name":"github.com/golang-jwt/jwt","ecosystem":"Go","purl":"pkg:golang/github.com/golang-jwt/jwt"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3553.json"}},{"package":{"name":"github.com/golang-jwt/jwt/v4","ecosystem":"Go","purl":"pkg:golang/github.com/golang-jwt/jwt/v4"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"4.5.2"}]}],"ecosystem_specific":{"imports":[{"symbols":["Parser.ParseUnverified"],"path":"github.com/golang-jwt/jwt/v4"}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3553.json"}},{"package":{"name":"github.com/golang-jwt/jwt/v5","ecosystem":"Go","purl":"pkg:golang/github.com/golang-jwt/jwt/v5"},"ranges":[{"type":"SEMVER","events":[{"introduced":"5.0.0-rc.1"},{"fixed":"5.2.2"}]}],"ecosystem_specific":{"imports":[{"symbols":["Parser.ParseUnverified"],"path":"github.com/golang-jwt/jwt/v5"}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-3553.json"}}],"schema_version":"1.7.3"}