Date: 2026-06-16 Target: PyJWT PyJWKClient 2.13.0 (patched CVE-2026-48522) Verdict: VULNERABLE-CONFIRMED (Low-Mod)
fetch primitive follows redirects. The validated value (initial URL) != the value actually dereferenced
(final URL after N redirects). Set-difference, per-HOP: {hops the guard covers} minus {hops the fetcher
will follow}. PyJWT validated hop 0 (http/https only) but urllib.urlopen follows hop 1 to ftp:// (urllib's
HTTPRedirectHandler allows http/https/FTP and never re-checks the app's policy). file:// was blocked by
urllib even via redirect - so the gap is scheme-SPECIFIC (ftp), proven with a file:// control case.
Re-ran with a TCP catcher I control as the redirect target -> catcher.accept() firing = irrefutable proof the outbound connection happened. Pair with a control (file://) that SHOULD be blocked to show the gap is specific, not a general re-report. (Same verify-the-primitive discipline as cycle241's real-CRLF detector.)
socket catcher. No external infra. Repeatable for redirect/rebinding SSRF leads on a RAM-tight box.