algorithm confusion issue

[prasadayush]

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.

Below are the risk factors associated to this issue -
Critical severity, Package in use

Vulnerability link - https://nvd.nist.gov/vuln/detail/CVE-2024-33663

[KishinNext]

I recommend updating to the latest version of python-jose, as this vulnerability was addressed in issue #346 and fixed in #369.