OPENSUSE-SU-2024:0149-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2024-33664

Published: 03 Jun 2024, 15:48

Last modified:04 Feb 2026, 03:01

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

03 Jun 2024, 15:48

Published

Vulnerability first disclosed

04 Feb 2026, 03:01

Last Modified

Vulnerability information updated

Description

Security update for python-python-jose This update for python-python-jose fixes the following issues: - CVE-2024-33664: Fixed a denial of service via decoding of a JSON Web Encryption token with a high compression ratio (boo#1223422)

Affected Systems

opensuse•python-python-jose&distro=openSUSE Leap 15.5
< 3.0.1-bp155.3.6.1
suse•python-python-jose&distro=SUSE Package Hub 15 SP5
< 3.0.1-bp155.3.6.1

References (3)

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UVCLFV5BBDGCEQHAF5JUYYFSZFDLN3GJ/
https://bugzilla.suse.com/1223422
https://www.suse.com/security/cve/CVE-2024-33664