CVE-2024-33663

mpdavis/python-jose

on github

Published

April 26, 2024

Severity

CVSS v3:

N/A

CVSS v2:

N/A

Description

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.

References

https://github.com/mpdavis/python-jose/issues/346

Configurations

CPE23	Version Start	Version End	Exact Version

External Links

NVD - CVE-2024-33663