Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown
CVE-2024-33664
Disclosure Date: April 26, 2024 (last updated April 26, 2024)
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319.
0