CVE-2024-33663

creationtimestamp| type| source ---|---|--- 2026-02-24 10:10:33+00:00| seen| https://gist.github.com/uug4na/f0d56845fe87e7a5ba56d464372ac06a...

Linux Distros Unpatched Vulnerability : CVE-2024-33663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217. CVE-2024-33663 Note that...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in python-jose

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of python-jose Vulnerability Details CVEID:CVE-2024-33663 DESCRIPTION: python-jose could allow a remote attacker to bypass security restrictions, caused by a flaw when the algorithm field is left unspecified when calling...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to python_jose-3.3.0-py2.py3-none-any.whl CVE-2024-33663

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to pythonjose-3.3.0-py2.py3-none-any.whl CVE-2024-33663. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-33663 DESCRIPTION: python-jose could allow a remote...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Updated python-authlib packages fix security vulnerability

Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. This is similar to CVE-2022-29217 and CVE-2024-33663...

openSUSE Security Advisory (openSUSE-SU-2024:0118-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : python-python-jose (openSUSE-SU-2024:0118-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0118-1 advisory. - python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217. CVE-2024-33663 Note...

OPENSUSE-SU-2024:0118-1 Security update for python-python-jose

This update for python-python-jose fixes the following issues: CVE-2024-33663: Fixed algorithm confusion with OpenSSH ECDSA keys and other key formats boo1223417...

Security update for python-python-jose (important)

openSUSE Security Update: Security update for python-python-jose Announcement ID: openSUSE-SU-2024:0118-1 Rating: important References: 1223417 Cross-References: CVE-2024-33663 CVSS scores: CVE-2024-33663 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: openSUSE Backports...

CVE-2024-33663

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217...

aef-gw (>=0.1.1 <=0.1.15), airiam (>=0.1.2 <=0.1.8) +169 more potentially affected by CVE-2024-33663 via python-jose (>=0.5.5 <=3.3.0)

python-jose PYPI version =0.5.5, =0.1.1, =0.1.2, =0.1.0, =0.8.0, =0.9.0, =1.23.0.dev0, =0.1.2, =0.1.18, =1.1.3, =1.5.0, =0.1.7, =0.31.6, =0.3.0, =0.9.0, =0.0.12, =0.0.14 and more Source cves: CVE-2024-33663 Source advisory: OSV:GHSA-6C5P-J8VQ-PQHJ...

aef-gw (>=0.1.1 <=0.1.15), airiam (>=0.1.2 <=0.1.8) +169 more potentially affected by CVE-2024-33663 via python-jose (>=0.5.5 <=3.3.0)

python-jose PYPI version =0.5.5, =0.1.1, =0.1.2, =0.1.0, =0.8.0, =0.9.0, =1.23.0.dev0, =0.1.2, =0.1.18, =1.1.3, =1.5.0, =0.1.7, =0.31.6, =0.3.0, =0.9.0, =0.0.12, =0.0.14 and more Source cves: CVE-2024-33663 Source advisory: OSV:PYSEC-2024-232...

DEBIAN-CVE-2024-33663

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217...

UBUNTU-CVE-2024-33663

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217...

CVE-2024-33663

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217...

CVE-2024-33663

CVE-2024-33663 concerns python-jose up to version 3.3.0, where an algorithm confusion occurs between OpenSSH ECDSA keys and other key formats. The issue, described across multiple feeds (CNNVD, Debian tracker, CVE lists), is analogous to CVE-2022-29217 and is framed as a key-format/algorithm conf...

CVE-2024-33663

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217...