python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | python-jose | <=ย 3.3.0+dfsg-4 | python-jose_3.3.0+dfsg-4_all.deb |
Debian | 999 | all | python-jose | <=ย 3.3.0+dfsg-5 | python-jose_3.3.0+dfsg-5_all.deb |
Debian | 13 | all | python-jose | <=ย 3.3.0+dfsg-5 | python-jose_3.3.0+dfsg-5_all.deb |