HIGH7.4CVE-2024-33663python-jose algorithm confusion with OpenSSH ECDSA keys
from 0
MEDIUM6.5CVE-2025-61152python-jose thru 3.3.0 allows JWT tokens with 'alg=none' to be decoded and accepted without any cryptographic signature verification.
from 0
MEDIUM5.3CVE-2024-29370Duplicate Advisory: python-jose denial of service via compressed JWE content
from 0
MEDIUM5.3python-jose denial of service via compressed JWE content