Lucene search
MitreVULNRICHMENT:CVE-2024-33663HistoryApr 25, 2024 - 12:00 a.m.
CVE-2024-33663
2024-04-2500:00:00
mitre
github.com
5
python-jose algorithm confusion openssh ecdsa keys
python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:python-jose_project:python-jose:*:*:*:*:*:*:*:*"
],
"vendor": "python-jose_project",
"product": "python-jose",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "3.3.0"
}
],
"defaultStatus": "unknown"
}
]Related
debiancve
debiancve
ubuntucve
ubuntucve
github
github
python-jose algorithm confusion with OpenSSH ECDSA keys
2024-04-26 00:30:35
Authlib has algorithm confusion with asymmetric public keys
2024-06-09 21:30:33
Key confusion through non-blocklisted public key formats
2022-05-24 22:17:27
cve
cve
cvelist
cvelist
CVE-2024-33663
2024-04-25 00:00:00
CVE-2024-37568
2024-06-09 00:00:00
redhatcve
redhatcve
CVE-2024-33663
2024-04-26 06:04:23
CVE-2022-29217
2022-05-25 02:21:09
osv
osv
CVE-2024-33663
2024-04-26 00:15:09
python-jose algorithm confusion with OpenSSH ECDSA keys
2024-04-26 00:30:35
Authlib has algorithm confusion with asymmetric public keys
2024-06-09 21:30:33
nessus
nessus
openSUSE 15 Security Update : python-python-jose (openSUSE-SU-2024:0118-1)
2024-05-08 00:00:00
SUSE SLES12 Security Update : python-PyJWT (SUSE-SU-2022:2401-1)
2022-07-15 00:00:00
SUSE SLES15 Security Update : python-PyJWT (SUSE-SU-2022:3545-1)
2022-10-07 00:00:00
nvd
nvd
mageia
mageia
Updated python-authlib packages fix security vulnerability
2024-06-25 19:12:04
Updated python-pyjwt packages fix security vulnerability
2022-07-01 00:31:09
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0238)
2024-06-26 00:00:00
openSUSE: Security Advisory for python (openSUSE-SU-2024:0118-1)
2024-05-08 00:00:00
openSUSE: Security Advisory for python-PyJWT (SUSE-SU-2022:2402-1)
2022-07-15 00:00:00
vulnrichment
vulnrichment
CVE-2024-37568
2024-06-09 00:00:00
veracode
veracode
Improper Signature Validation
2024-04-29 06:33:23
Authentication Bypass
2022-05-25 07:35:03
cbl_mariner
cbl_mariner
CVE-2022-29217 affecting package python-jwt for versions less than 2.4.0-1
2022-06-26 03:29:33
CVE-2022-29217 affecting package python-jwt 1.7.1-9
2022-07-14 20:59:55
fedora
fedora
[SECURITY] Fedora 35 Update: python-jwt-2.4.0-1.fc35
2022-06-01 01:27:09
[SECURITY] Fedora 36 Update: python-jwt-2.4.0-1.fc36
2022-05-27 01:10:44
ibm
ibm
redos
redos
ROS-20240911-10
2024-09-11 00:00:00
ROS-20240619-01
2024-06-19 00:00:00
prion
prion
Code injection
2022-05-24 15:15:00
suse
suse
Security update for python-PyJWT (important)
2022-07-14 00:00:00
ubuntu
ubuntu
PyJWT vulnerability
2022-07-20 00:00:00
alpinelinux
alpinelinux
CVE-2022-29217
2022-05-24 15:15:07
redhat
redhat
AI Score
6.7
Confidence
Low
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-33663