PYSEC-2024-232

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217...

PT-2024-4195 · Unknown +2 · Python-Jose +2

Name of the Vulnerable Software and Affected Versions: python-jose versions 3.3.0 and earlier Description: The issue is related to algorithm confusion with OpenSSH ECDSA keys and other key formats in the python-jose component. It is associated with the definition of a prefix blacklist for OpenSSH...