From 7049927e656b5d9ca0dacc3f6c04b9c7afad23aa Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Thu, 5 Feb 2026 07:59:46 +0100
Subject: python3-pyjwt: ignore CVE-2025-45768

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-45768

The CVE is disputed: though the vulnerability is there, but it comes
from incorrect configuration of the library by the main application.

Due to this, ignore this CVE.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
---
 meta-python/recipes-devtools/python/python3-pyjwt_2.10.1.bb | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'meta-python')

diff --git a/meta-python/recipes-devtools/python/python3-pyjwt_2.10.1.bb b/meta-python/recipes-devtools/python/python3-pyjwt_2.10.1.bb
index d23347878e..3954c526f5 100644
--- a/meta-python/recipes-devtools/python/python3-pyjwt_2.10.1.bb
+++ b/meta-python/recipes-devtools/python/python3-pyjwt_2.10.1.bb
@@ -8,6 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=e4b56d2c9973d8cf54655555be06e551"
 SRC_URI[sha256sum] = "3cc5772eb20009233caf06e9d8a0577824723b44e6648ee0a2aedb6cf9381953"
 
 PYPI_PACKAGE = "pyjwt"
+CVE_STATUS[CVE-2025-45768] = "disputed: vulnerability can be avoided if the library is used correctly"
+
 inherit pypi python_setuptools_build_meta
 
 RDEPENDS:${PN} = "\
-- 
cgit v1.2.3-54-g00ecf