Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2024-33664

Disclosure Date: April 26, 2024 (last updated April 26, 2024)
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319.
0
Attacker Value
Unknown

CVE-2024-21319

Disclosure Date: January 09, 2024 (last updated January 17, 2024)
Microsoft Identity Denial of service vulnerability