Количество 7
Количество 7
CVE-2024-29370
In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
CVE-2024-29370
In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
CVE-2024-29370
In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
CVE-2024-29370
In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allow ...
GHSA-h4pw-wxh7-4vjj
Duplicate Advisory: python-jose denial of service via compressed JWE content
BDU:2025-16345
Уязвимость библиотеки python-jose, связанная с некорректной обработкой сильно сжатых входных данных, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20260209-73-0034
Уязвимость python-jose
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-29370 In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
 | CVE-2024-29370 In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. | CVSS3: 7.5 | 0% Низкий | 4 месяца назад |
 | CVE-2024-29370 In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
| CVE-2024-29370 In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allow ... | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
| GHSA-h4pw-wxh7-4vjj Duplicate Advisory: python-jose denial of service via compressed JWE content | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
 | BDU:2025-16345 Уязвимость библиотеки python-jose, связанная с некорректной обработкой сильно сжатых входных данных, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
 | ROS-20260209-73-0034 Уязвимость python-jose | CVSS3: 5.3 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу