CVE-2024-33664

CVE-2024-33664

python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319.

CVE-2024-33664

python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319.

CVE-2024-33664

python-jose through 3.3.0 allows attackers to cause a denial of servic ...

openSUSE-SU-2024:0149-1

Security update for python-python-jose

GHSA-cjwg-qfpm-7377

python-jose denial of service via compressed JWE content