python-jose is vulnerable to Denial of Service (DoS). The vulnerability is due to missing token size limits during the decoding process of a JSON Web Encryption (JWE) token. An attacker can submit a token with a high compression ratio, depleting system resources, which can result in Denial of Service. This vulnerability is known as a "JWT bomb", similar to a "zip…
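The mitigation for the missing size limits described above is to cap both the serialized token and the decompressed payload. The following is an added example, not python-jose's own code: the function names and both limits are assumptions, and it assumes the JWE `zip` value `DEF` (raw DEFLATE, RFC 7516).

```python
import zlib

MAX_TOKEN_BYTES = 8 * 1024       # assumed cap on the serialized token
MAX_PLAINTEXT_BYTES = 64 * 1024  # assumed cap on the inflated payload


class TokenTooLarge(ValueError):
    """The token, or its inflated payload, exceeds the configured cap."""


def check_token_size(token: str, limit: int = MAX_TOKEN_BYTES) -> str:
    """Reject an oversized token before any base64, crypto or inflate work."""
    if len(token) > limit:
        raise TokenTooLarge(f"token is {len(token)} chars, cap is {limit}")
    return token


def bounded_inflate(data: bytes, limit: int = MAX_PLAINTEXT_BYTES) -> bytes:
    """Inflate raw DEFLATE data without ever holding more than limit + 1 bytes."""
    inflater = zlib.decompressobj(wbits=-15)  # -15 selects raw DEFLATE (RFC 1951)
    out = inflater.decompress(data, limit + 1)  # stop once the cap is crossed
    if len(out) > limit or inflater.unconsumed_tail:
        raise TokenTooLarge(f"inflated payload exceeds {limit} bytes")
    if not inflater.eof:
        raise ValueError("truncated DEFLATE stream")
    return out


def raw_deflate(data: bytes) -> bytes:
    """Helper for the constructed samples: compress as raw DEFLATE."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return c.compress(data) + c.flush()


if __name__ == "__main__":
    # Constructed samples: an ordinary claims payload and a 1 MiB run of zero bytes.
    normal = raw_deflate(b'{"sub": "alice", "scope": "read"}')
    oversized = raw_deflate(b"\x00" * (1 << 20))
    print(bounded_inflate(normal))
    print(f"{len(oversized)} compressed bytes for 1 MiB of plaintext")
    try:
        bounded_inflate(oversized)
    except TokenTooLarge as exc:
        print("rejected:", exc)
```

The constructed 1 MiB sample compresses to roughly 1 KiB, well under the input cap, which is why the cap on inflated output is needed in addition to the cap on token length.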