Millie Solem

icon indicating a website link solem.dev

icon location Oslo, Norway icon location CTF-player with a strong passion for cryptography and information security. Always learning new things. Aka 'Sithis'

Results 3 comments of Millie Solem

Fix CVE-2024-33663

I recommend throwing an exception if algorithms is None, rather than setting to ALL. Not specifying the algorithms field is the source of algorithm confusion issues.

Fix CVE-2024-33663

@chrisribe seeing as the library has not seen a release for three years, I wouldn't hold my breath. Switch to PyJWT if you have a project affected by this.

Algorithm confusion with OpenSSH ECDSA keys and other key formats

This vulnerability is now tracked under CVE-2024-33663