github.com/golang-jwt/jwt/v4 vulnerabilities
2 known vulnerabilities affecting github.com/golang-jwt/jwt/v4.
Total CVEs: 2
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 1, LOW 1
Vulnerabilities
CVE-2025-30204 | HIGH | affected versions: ≥ 0, < 4.5.2 | published 2025-03-21
CVE-2025-30204 [HIGH] CWE-405: jwt-go allows excessive memory allocation during header parsing
### Summary
Function [`parse.ParseUnverified`](https://github.com/golang-jwt/jwt/blob/c035977d9e11c351f4c05dfeae193923cbab49ee/parser.go#L138-L139) currently splits (via a call to [strings.Split](https://pkg.go.dev/strings#Split)) its argument (which is untrusted data) on periods.
As a result, in the face of a malicious request whose _Au
Sources: GHSA, OSV
CVE-2024-51744 | LOW | affected versions: ≥ 0, < 4.5.1 | published 2024-11-04
CVE-2024-51744 [LOW] CWE-347: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations
### Summary
Unclear documentation of the error behavior in `ParseWithClaims` can lead to situations where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` re
Sources: GHSA, OSV