SUSE Package Hub - openSUSE-2024-149

Update Info

openSUSE-2024-149

Security update for python-python-jose

Type: security

Severity: important

Issued: 2024-06-03

Description:

This update for python-python-jose fixes the following issues:

- CVE-2024-33664: Fixed a denial of service via decoding of a JSON Web Encryption token with a high compression ratio (boo#1223422)

References

CVE: CVE-2024-33664
Bugzilla: 1223422 VUL-0: CVE-2024-33664: python-python-jose: denial of service via decoding of a JSON Web Encryption (JWE ) token with a high compression ratio

Packages

python-python-jose-3.0.1-bp155.3.6.1