[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-33663":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":134,"aliases":152,"duplicate_of":9,"upstream":156,"downstream":157,"duplicates":168,"related":169,"reserved_at":9,"published_at":174,"modified_at":175,"state":176,"summary":177,"references_raw":185,"kevs":216,"epss":217,"epss_history":220,"metrics":483,"affected":500},"CVE-2024-33663","python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-327","Use of a Broken or Risky Cryptographic Algorithm","The product uses a broken or risky cryptographic algorithm or protocol.","weakness","Draft","Class","High",[20,24,28,118,122,126,130],{"id":21,"name":22,"techniques":23},"CAPEC-20","Encryption Brute Forcing",[],{"id":25,"name":26,"techniques":27},"CAPEC-459","Creating a Rogue Certification Authority Certificate",[],{"id":29,"name":30,"techniques":31},"CAPEC-473","Signature Spoof",[32,109],{"id":33,"name":34,"tactics":35,"countermeasures":42},"T1036.001","Invalid Code Signature",[36,39],{"id":37,"name":38},"TA0030","Defense Evasion",{"id":40,"name":41},"TA0005","Stealth",[43,48,52,56,60,65,70,75,80,85,89,93,97,101,105],{"id":44,"name":45,"tactic":46},"D3-FA","File Analysis",{"name":47},"Detect",{"id":49,"name":50,"tactic":51},"D3-FIM","File Integrity Monitoring",{"name":47},{"id":53,"name":54,"tactic":55},"D3-DA","Dynamic Analysis",{"name":47},{"id":57,"name":58,"tactic":59},"D3-EFA","Emulated File Analysis",{"name":47},{"id":61,"name":62,"tactic":63},"D3-FEV","File Eviction",{"name":64},"Evict",{"id":66,"name":67,"tactic":68},"D3-DF","Decoy File",{"name":69},"Deceive",{"id":71,"name":72,"tactic":73},"D3-FE","File Encryption",{"name":74},"Harden",{"id":76,"name":77,"tactic":78},"D3-RF","Restore File",{"name":79},"Restore",{"id":81,"name":82,"tactic":83},"D3-CF","Content Filtering",{"name":84},"Isolate",{"id":86,"name":87,"tactic":88},"D3-LFP","Local File Permissions",{"name":84},{"id":90,"name":91,"tactic":92},"D3-RFAM","Remote File Access Mediation",{"name":84},{"id":94,"name":95,"tactic":96},"D3-CQ","Content Quarantine",{"name":84},{"id":98,"name":99,"tactic":100},"D3-CM","Content Modification",{"name":84},{"id":102,"name":103,"tactic":104},"D3-EAL","Executable Allowlisting",{"name":84},{"id":106,"name":107,"tactic":108},"D3-EDL","Executable Denylisting",{"name":84},{"id":110,"name":111,"tactics":112,"countermeasures":117},"T1553.002","Code Signing",[113,114],{"id":37,"name":38},{"id":115,"name":116},"TA0112","Defense Impairment",[],{"id":119,"name":120,"techniques":121},"CAPEC-475","Signature Spoofing by Improper Validation",[],{"id":123,"name":124,"techniques":125},"CAPEC-608","Cryptanalysis of Cellular Encryption",[],{"id":127,"name":128,"techniques":129},"CAPEC-614","Rooting SIM Cards",[],{"id":131,"name":132,"techniques":133},"CAPEC-97","Cryptanalysis",[],[135,144],{"_key":136,"name":137,"source":138,"url":139,"maturity":140,"reliability_score":141,"verified":142,"type":9,"platforms":143,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_MPDAVIS_PYTHON-JOSE","Python Jose","github","https://github.com/mpdavis/python-jose/issues/344","poc",0.3,false,[],{"_key":145,"name":146,"source":147,"url":148,"maturity":149,"reliability_score":150,"verified":142,"type":9,"platforms":151,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_DBA7A59465B34018","Exploit Reference (vicarius.io)","reference","https://www.vicarius.io/vsociety/posts/algorithm-confusion-in-python-jose-cve-2024-33663","unknown",0.2,[],[153,154,155],"GHSA-6c5p-j8vq-pqhj","PYSEC-2024-232","ECHO-04e0-8ccc-e285",[],[158,160,162,164,166],{"_key":159},"UBUNTU-CVE-2024-33663",{"_key":161},"OPENSUSE-SU-2024:0118-1",{"_key":163},"OPENSUSE-SU-2024:13928-1",{"_key":165},"DEBIAN-CVE-2024-33663",{"_key":167},"RHSA-2024:6428",[],[170,171,172],{"_key":161},{"_key":163},{"_key":173},"CGA-8JXW-RMGP-5527","2024-04-25T00:00:00.000Z","2024-09-03T19:34:19.749Z","Analyzed",{"cisa_kev":142,"cisa_ransomware":142,"cisa_vendor":9,"epss_severity":178,"epss_score":179,"severity":180,"severity_score":181,"severity_version":182,"severity_source":183,"severity_vector":184,"severity_status":176},"low",0.00925,"medium",6.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",[186,197,202,207,212],{"url":187,"sources":188,"tags":191},"https://github.com/mpdavis/python-jose/issues/346",[183,189,190],"nvd","osv_pypi",[192,193,194,195,196],"Exploit","Issue Tracking","Vendor Advisory","WEB","REPORT",{"url":148,"sources":198,"tags":199},[183,189,190],[192,200,201,195],"Mitigation","Third Party Advisory",{"url":203,"sources":204,"tags":205},"https://nvd.nist.gov/vuln/detail/CVE-2024-33663",[190],[206],"Advisory",{"url":208,"sources":209,"tags":210},"https://github.com/mpdavis/python-jose",[190],[211],"PACKAGE",{"url":213,"sources":214,"tags":215},"https://github.com/pypa/advisory-database/tree/main/vulns/python-jose/PYSEC-2024-232.yaml",[190],[195],[],{"date":218,"score":179,"percentile":219},"2026-06-04",0.76407,[221,225,228,231,234,236,239,242,245,248,251,254,257,260,263,267,270,273,277,280,283,286,288,291,294,297,300,303,306,309,312,315,317,320,322,325,328,331,334,337,340,343,345,348,351,354,357,360,363,366,368,371,374,376,379,382,385,388,391,394,397,400,403,406,409,412,415,418,421,424,427,430,433,436,439,442,445,447,449,452,455,458,461,464,466,469,472,474,477,480],{"date":222,"score":223,"percentile":224},"2025-11-04",0.00684,0.7086,{"date":226,"score":223,"percentile":227},"2025-11-05",0.70843,{"date":229,"score":223,"percentile":230},"2025-11-06",0.70841,{"date":232,"score":223,"percentile":233},"2025-11-07",0.70856,{"date":235,"score":223,"percentile":233},"2025-11-08",{"date":237,"score":223,"percentile":238},"2025-11-09",0.70848,{"date":240,"score":223,"percentile":241},"2025-11-10",0.70833,{"date":243,"score":223,"percentile":244},"2025-11-11",0.7084,{"date":246,"score":223,"percentile":247},"2025-11-12",0.70863,{"date":249,"score":223,"percentile":250},"2025-11-13",0.7087,{"date":252,"score":223,"percentile":253},"2025-11-14",0.70876,{"date":255,"score":223,"percentile":256},"2025-11-15",0.70879,{"date":258,"score":223,"percentile":259},"2025-11-16",0.70874,{"date":261,"score":223,"percentile":262},"2025-11-17",0.70868,{"date":264,"score":265,"percentile":266},"2025-11-18",0.00101,0.23939,{"date":268,"score":265,"percentile":269},"2025-11-19",0.23965,{"date":271,"score":265,"percentile":272},"2025-11-20",0.23976,{"date":274,"score":275,"percentile":276},"2025-11-21",0.00703,0.71314,{"date":278,"score":275,"percentile":279},"2025-11-22",0.71307,{"date":281,"score":275,"percentile":282},"2025-11-23",0.71289,{"date":284,"score":223,"percentile":285},"2025-11-24",0.70858,{"date":287,"score":223,"percentile":224},"2025-11-25",{"date":289,"score":223,"percentile":290},"2025-11-26",0.70866,{"date":292,"score":223,"percentile":293},"2025-11-27",0.70867,{"date":295,"score":223,"percentile":296},"2025-11-28",0.70854,{"date":298,"score":223,"percentile":299},"2025-11-29",0.70844,{"date":301,"score":223,"percentile":302},"2025-11-30",0.70836,{"date":304,"score":223,"percentile":305},"2025-12-01",0.70979,{"date":307,"score":223,"percentile":308},"2025-12-02",0.70994,{"date":310,"score":223,"percentile":311},"2025-12-03",0.70992,{"date":313,"score":223,"percentile":314},"2025-12-04",0.70845,{"date":316,"score":223,"percentile":285},"2025-12-05",{"date":318,"score":223,"percentile":319},"2025-12-06",0.70861,{"date":321,"score":223,"percentile":224},"2025-12-07",{"date":323,"score":223,"percentile":324},"2025-12-08",0.70864,{"date":326,"score":223,"percentile":327},"2025-12-09",0.70896,{"date":329,"score":223,"percentile":330},"2025-12-10",0.70932,{"date":332,"score":223,"percentile":333},"2025-12-11",0.70953,{"date":335,"score":223,"percentile":336},"2025-12-12",0.70978,{"date":338,"score":223,"percentile":339},"2025-12-13",0.70981,{"date":341,"score":223,"percentile":342},"2025-12-14",0.70983,{"date":344,"score":223,"percentile":305},"2025-12-15",{"date":346,"score":223,"percentile":347},"2025-12-16",0.70989,{"date":349,"score":223,"percentile":350},"2025-12-17",0.71005,{"date":352,"score":223,"percentile":353},"2025-12-18",0.71028,{"date":355,"score":223,"percentile":356},"2025-12-19",0.71044,{"date":358,"score":223,"percentile":359},"2025-12-20",0.71043,{"date":361,"score":223,"percentile":362},"2025-12-21",0.71037,{"date":364,"score":223,"percentile":365},"2025-12-22",0.71036,{"date":367,"score":223,"percentile":365},"2025-12-23",{"date":369,"score":223,"percentile":370},"2025-12-24",0.71041,{"date":372,"score":223,"percentile":373},"2025-12-25",0.7107,{"date":375,"score":223,"percentile":373},"2025-12-26",{"date":377,"score":223,"percentile":378},"2025-12-27",0.71109,{"date":380,"score":223,"percentile":381},"2025-12-28",0.71042,{"date":383,"score":223,"percentile":384},"2025-12-29",0.71038,{"date":386,"score":223,"percentile":387},"2025-12-30",0.71054,{"date":389,"score":223,"percentile":390},"2025-12-31",0.71077,{"date":392,"score":223,"percentile":393},"2026-01-01",0.7123,{"date":395,"score":223,"percentile":396},"2026-01-02",0.71225,{"date":398,"score":223,"percentile":399},"2026-01-03",0.71223,{"date":401,"score":223,"percentile":402},"2026-01-04",0.71078,{"date":404,"score":223,"percentile":405},"2026-01-05",0.71073,{"date":407,"score":223,"percentile":408},"2026-01-06",0.71081,{"date":410,"score":223,"percentile":411},"2026-01-07",0.71096,{"date":413,"score":223,"percentile":414},"2026-01-08",0.71112,{"date":416,"score":223,"percentile":417},"2026-01-09",0.71122,{"date":419,"score":223,"percentile":420},"2026-01-10",0.71121,{"date":422,"score":223,"percentile":423},"2026-01-11",0.71114,{"date":425,"score":223,"percentile":426},"2026-01-12",0.71104,{"date":428,"score":223,"percentile":429},"2026-01-13",0.71103,{"date":431,"score":223,"percentile":432},"2026-01-14",0.71127,{"date":434,"score":223,"percentile":435},"2026-01-15",0.71132,{"date":437,"score":223,"percentile":438},"2026-01-16",0.71148,{"date":440,"score":223,"percentile":441},"2026-01-17",0.71142,{"date":443,"score":223,"percentile":444},"2026-01-18",0.71118,{"date":446,"score":223,"percentile":414},"2026-01-19",{"date":448,"score":223,"percentile":417},"2026-01-20",{"date":450,"score":223,"percentile":451},"2026-01-21",0.71126,{"date":453,"score":223,"percentile":454},"2026-01-22",0.71136,{"date":456,"score":223,"percentile":457},"2026-01-23",0.71165,{"date":459,"score":223,"percentile":460},"2026-01-24",0.7117,{"date":462,"score":223,"percentile":463},"2026-01-25",0.71145,{"date":465,"score":223,"percentile":441},"2026-01-26",{"date":467,"score":223,"percentile":468},"2026-01-27",0.71144,{"date":470,"score":223,"percentile":471},"2026-01-28",0.71164,{"date":473,"score":223,"percentile":457},"2026-01-29",{"date":475,"score":223,"percentile":476},"2026-01-30",0.71172,{"date":478,"score":223,"percentile":479},"2026-01-31",0.71174,{"date":481,"score":223,"percentile":482},"2026-02-01",0.71305,[484,489,491],{"source":183,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":485,"cvss_v4_0":9},{"baseScore":181,"baseSeverity":486,"vectorString":184,"impactScore":487,"exploitabilityScore":488},"MEDIUM",4.2,10,{"source":189,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":490,"cvss_v4_0":9},{"baseScore":181,"baseSeverity":486,"vectorString":184,"impactScore":487,"exploitabilityScore":488},{"source":190,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":492,"cvss_v4_0":497},{"baseScore":493,"baseSeverity":9,"vectorString":494,"impactScore":495,"exploitabilityScore":496},7.4,"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",8.7,5.6,{"baseScore":498,"baseSeverity":9,"vectorString":499,"impactScore":9,"exploitabilityScore":9},9.3,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",[501,512],{"ecosystem":502,"name":503,"vendor":502,"product":503,"cpe_part":9,"purl_type":504,"purl_namespace":9,"purl_name":503,"source":9,"versions":505},"PyPI","python-jose","pypi",[506],{"version":507,"is_range":508,"range_type":509,"version_start":9,"version_start_type":9,"version_end":510,"version_end_type":511,"fixed_in":9},"lt3_4_0",true,"ecosystem","3.4.0","excluding",{"ecosystem":9,"name":503,"vendor":513,"product":503,"cpe_part":514,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":515},"python-jose_project","a",[516],{"version":517,"is_range":508,"range_type":518,"version_start":9,"version_start_type":9,"version_end":519,"version_end_type":520,"fixed_in":9},"lte3.3.0","cpe","3.3.0","including"]