Threat Intel

v0.1

← CVEs

CVE-2024-29370

MED 5.3
Published
2025-12-17
Last Modified
2026-01-05
Affected Apps
12
Affected Devices
53
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
Affected Applications in Environment 12
Python
11 devices
Python vWindows 11 (26.57288.0)
1 device
jose v14-1.el9
27 devices
jose v10-2.el8_10.3
2 devices
jose v10-2.el8_10.3
3 devices
jose v14-102.el10
1 device
jose v14-1.el9
1 device
jose v10-2.el8
2 devices
jose v14-1.el9
2 devices
jose v14-1.el9
1 device
python v2.7.5-5ubuntu3
1 device
python v2.7.5-93.el7_9
1 device
Affected Devices 53
Brians-Mac-mini.local Mac Kellys-MacBook-Pro-3.local Mac MacBook-Pro.local Mac a00017110-J7TV3C9HW5 Mac a00344487-F622TJW0NM Mac a02235045-MX74HJV2J3 Mac a02265864-LFW93MQ9P7 Mac a02388352-LQ22WMQLKF Mac a02424859-LHV909KCR7 Mac a02456553-G06QD7XKWW Mac a02513954-D2V97K4D2L Mac chela03 Linux chela04 Linux chela05 Linux dpapsb-161390.aggies.usu.edu Linux dpapsb-191594.mypc.usu.edu Linux el103-02.ece.usu.edu Linux el103-03.ece.usu.edu Linux el103-04.ece.usu.edu Linux el103-05.ece.usu.edu Linux el103-07.ece.usu.edu Linux el103-08.ece.usu.edu Linux el103-09.ece.usu.edu Linux el103-10.ece.usu.edu Linux el103-14.ece.usu.edu Linux el103-15.ece.usu.edu Linux el103-16.ece.usu.edu Linux el103-17.ece.usu.edu Linux el103-18.ece.usu.edu Linux el103-19.ece.usu.edu Linux el103-20.ece.usu.edu Linux el120-01.ece.usu.edu Linux el120-02.ece.usu.edu Linux el120-03.ece.usu.edu Linux el120-04.ece.usu.edu Linux el120-05.ece.usu.edu Linux el120-06.ece.usu.edu Linux el120-08.ece.usu.edu Linux el120-09.ece.usu.edu Linux el120-10.ece.usu.edu Linux el120-11.ece.usu.edu Linux el120-12.ece.usu.edu Linux el120-14.ece.usu.edu Linux eprocdev.banner.usu.edu Linux facreadyprod.pplant.usu.edu Linux facreadytestrhel.pplant.usu.edu Linux facshibsp2.pplant.usu.edu Linux guru.cluster Linux mac.lan Mac oms.db.usu.edu Linux paymentworksdev.banner.usu.edu Linux thinkstation Linux web05 Linux
References 1